In the Linux kernel, the following vulnerability has been resolved:
USB: usb-storage: Prevent divide-by-0 error in isd200_ata_command
The isd200 sub-driver in usb-storage uses the HEADS and SECTORS values in the ATA ID information to calculate cylinder and head values when creating a CDB for READ or WRITE commands. The calculation involves division and modulus operations, which will cause a crash if either of these values is 0. While this never happens with a genuine device, it could happen with a flawed or subversive emulation, as reported by the syzbot fuzzer.
Protect against this possibility by refusing to bind to the device if either the ATA_ID_HEADS or ATA_ID_SECTORS value in the device's ID information is 0. This requires isd200_Initialization() to return a negative error code when initialization fails; before this fix it always returned 0 (even when there was an error).
{ "vanir_signatures": [ { "deprecated": false, "signature_type": "Function", "target": { "file": "drivers/usb/storage/isd200.c", "function": "isd200_get_inquiry_data" }, "id": "CVE-2024-27059-13d849d8", "digest": { "length": 2157.0, "function_hash": "148397277916442790836145525134080878263" }, "signature_version": "v1", "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@3a67d4ab9e730361d183086dfb0ddd8c61f01636" }, { "deprecated": false, "signature_type": "Function", "target": { "file": "drivers/usb/storage/isd200.c", "function": "isd200_Initialization" }, "id": "CVE-2024-27059-2551c553", "digest": { "length": 387.0, "function_hash": "196681542267522556235569539497659862832" }, "signature_version": "v1", "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@6c1f36d92c0a8799569055012665d2bb066fb964" }, { "deprecated": false, "signature_type": "Line", "target": { "file": "drivers/usb/storage/isd200.c" }, "id": "CVE-2024-27059-2ba2f226", "digest": { "line_hashes": [ "82281717723977900547843313393159064985", "333378792834850168475798655997640474768", "229309443083624898593377991570787555505", "193270861340138967189589920655769449037", "302454997477029160363081212779401126609", "277546682701556098289387390586814094612", "107821156988789262896482093276513879447", "268366038150651137277373125961589905377", "214477129738289170443290310849160133332", "92832365652633598095163173570967837001", "22736974415367348709462513573404752109", "214757146298956801138599022881283445733", "34064397349578693317012442752311468401", "130483367756177126789619352913023963346", "310517952414705215857164386125346790203", "250238439621354126239037232352066946785", "41443090908617755281980553563804162758", "108160110628103169602774704809421184443", "120249169449004058414778138424649800848", "73035852448631115081089722263639442900", "286090376984517095787129848623306270903", "168531864343697935668351489078523022330", 
"213159295555920490160354743840035005523", "127116537434643587586045006681099302626" ], "threshold": 0.9 }, "signature_version": "v1", "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@eb7b01ca778170654e1c76950024270ba74b121f" }, { "deprecated": false, "signature_type": "Line", "target": { "file": "drivers/usb/storage/isd200.c" }, "id": "CVE-2024-27059-2ea553ff", "digest": { "line_hashes": [ "82281717723977900547843313393159064985", "333378792834850168475798655997640474768", "229309443083624898593377991570787555505", "193270861340138967189589920655769449037", "302454997477029160363081212779401126609", "277546682701556098289387390586814094612", "107821156988789262896482093276513879447", "268366038150651137277373125961589905377", "214477129738289170443290310849160133332", "92832365652633598095163173570967837001", "22736974415367348709462513573404752109", "214757146298956801138599022881283445733", "34064397349578693317012442752311468401", "130483367756177126789619352913023963346", "310517952414705215857164386125346790203", "250238439621354126239037232352066946785", "41443090908617755281980553563804162758", "108160110628103169602774704809421184443", "120249169449004058414778138424649800848", "73035852448631115081089722263639442900", "286090376984517095787129848623306270903", "168531864343697935668351489078523022330", "213159295555920490160354743840035005523", "127116537434643587586045006681099302626" ], "threshold": 0.9 }, "signature_version": "v1", "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@284fb1003d5da111019b9e0bf99b084fd71ac133" }, { "deprecated": false, "signature_type": "Function", "target": { "file": "drivers/usb/storage/isd200.c", "function": "isd200_get_inquiry_data" }, "id": "CVE-2024-27059-2fa12735", "digest": { "length": 2157.0, "function_hash": "148397277916442790836145525134080878263" }, "signature_version": "v1", "source": 
"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@f42ba916689f5c7b1642092266d2f53cf527aaaa" }, { "deprecated": false, "signature_type": "Function", "target": { "file": "drivers/usb/storage/isd200.c", "function": "isd200_get_inquiry_data" }, "id": "CVE-2024-27059-35dd450f", "digest": { "length": 2157.0, "function_hash": "148397277916442790836145525134080878263" }, "signature_version": "v1", "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@9968c701cba7eda42e5f0052b040349d6222ae34" }, { "deprecated": false, "signature_type": "Function", "target": { "file": "drivers/usb/storage/isd200.c", "function": "isd200_get_inquiry_data" }, "id": "CVE-2024-27059-3e68fe5a", "digest": { "length": 2157.0, "function_hash": "148397277916442790836145525134080878263" }, "signature_version": "v1", "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@eb7b01ca778170654e1c76950024270ba74b121f" }, { "deprecated": false, "signature_type": "Function", "target": { "file": "drivers/usb/storage/isd200.c", "function": "isd200_Initialization" }, "id": "CVE-2024-27059-4c09e9fb", "digest": { "length": 387.0, "function_hash": "196681542267522556235569539497659862832" }, "signature_version": "v1", "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@014bcf41d946b36a8f0b8e9b5d9529efbb822f49" }, { "deprecated": false, "signature_type": "Function", "target": { "file": "drivers/usb/storage/isd200.c", "function": "isd200_Initialization" }, "id": "CVE-2024-27059-71b54fe3", "digest": { "length": 387.0, "function_hash": "196681542267522556235569539497659862832" }, "signature_version": "v1", "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@f42ba916689f5c7b1642092266d2f53cf527aaaa" }, { "deprecated": false, "signature_type": "Line", "target": { "file": "drivers/usb/storage/isd200.c" }, "id": "CVE-2024-27059-776f0297", "digest": { "line_hashes": [ "82281717723977900547843313393159064985", 
"333378792834850168475798655997640474768", "229309443083624898593377991570787555505", "193270861340138967189589920655769449037", "302454997477029160363081212779401126609", "277546682701556098289387390586814094612", "107821156988789262896482093276513879447", "268366038150651137277373125961589905377", "214477129738289170443290310849160133332", "92832365652633598095163173570967837001", "193932607141855607169702574790039511337", "214757146298956801138599022881283445733", "34064397349578693317012442752311468401", "130483367756177126789619352913023963346", "310517952414705215857164386125346790203", "250238439621354126239037232352066946785", "41443090908617755281980553563804162758", "108160110628103169602774704809421184443", "120249169449004058414778138424649800848", "73035852448631115081089722263639442900", "286090376984517095787129848623306270903", "168531864343697935668351489078523022330", "213159295555920490160354743840035005523", "127116537434643587586045006681099302626" ], "threshold": 0.9 }, "signature_version": "v1", "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@871fd7b10b56d280990b7e754f43d888382ca325" }, { "deprecated": false, "signature_type": "Line", "target": { "file": "drivers/usb/storage/isd200.c" }, "id": "CVE-2024-27059-7ca6ea72", "digest": { "line_hashes": [ "82281717723977900547843313393159064985", "333378792834850168475798655997640474768", "229309443083624898593377991570787555505", "193270861340138967189589920655769449037", "302454997477029160363081212779401126609", "277546682701556098289387390586814094612", "107821156988789262896482093276513879447", "268366038150651137277373125961589905377", "214477129738289170443290310849160133332", "92832365652633598095163173570967837001", "22736974415367348709462513573404752109", "214757146298956801138599022881283445733", "34064397349578693317012442752311468401", "130483367756177126789619352913023963346", "310517952414705215857164386125346790203", 
"250238439621354126239037232352066946785", "41443090908617755281980553563804162758", "108160110628103169602774704809421184443", "120249169449004058414778138424649800848", "73035852448631115081089722263639442900", "286090376984517095787129848623306270903", "168531864343697935668351489078523022330", "213159295555920490160354743840035005523", "127116537434643587586045006681099302626" ], "threshold": 0.9 }, "signature_version": "v1", "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@6c1f36d92c0a8799569055012665d2bb066fb964" }, { "deprecated": false, "signature_type": "Function", "target": { "file": "drivers/usb/storage/isd200.c", "function": "isd200_Initialization" }, "id": "CVE-2024-27059-7cf74b2b", "digest": { "length": 387.0, "function_hash": "196681542267522556235569539497659862832" }, "signature_version": "v1", "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@284fb1003d5da111019b9e0bf99b084fd71ac133" }, { "deprecated": false, "signature_type": "Function", "target": { "file": "drivers/usb/storage/isd200.c", "function": "isd200_get_inquiry_data" }, "id": "CVE-2024-27059-7e38c9b5", "digest": { "length": 2157.0, "function_hash": "148397277916442790836145525134080878263" }, "signature_version": "v1", "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@284fb1003d5da111019b9e0bf99b084fd71ac133" }, { "deprecated": false, "signature_type": "Function", "target": { "file": "drivers/usb/storage/isd200.c", "function": "isd200_get_inquiry_data" }, "id": "CVE-2024-27059-8bdf25af", "digest": { "length": 2157.0, "function_hash": "148397277916442790836145525134080878263" }, "signature_version": "v1", "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@871fd7b10b56d280990b7e754f43d888382ca325" }, { "deprecated": false, "signature_type": "Line", "target": { "file": "drivers/usb/storage/isd200.c" }, "id": "CVE-2024-27059-a5248e3b", "digest": { "line_hashes": [ 
"82281717723977900547843313393159064985", "333378792834850168475798655997640474768", "229309443083624898593377991570787555505", "193270861340138967189589920655769449037", "302454997477029160363081212779401126609", "277546682701556098289387390586814094612", "107821156988789262896482093276513879447", "268366038150651137277373125961589905377", "214477129738289170443290310849160133332", "92832365652633598095163173570967837001", "193932607141855607169702574790039511337", "214757146298956801138599022881283445733", "34064397349578693317012442752311468401", "130483367756177126789619352913023963346", "310517952414705215857164386125346790203", "250238439621354126239037232352066946785", "41443090908617755281980553563804162758", "108160110628103169602774704809421184443", "120249169449004058414778138424649800848", "73035852448631115081089722263639442900", "286090376984517095787129848623306270903", "168531864343697935668351489078523022330", "213159295555920490160354743840035005523", "127116537434643587586045006681099302626" ], "threshold": 0.9 }, "signature_version": "v1", "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@3a67d4ab9e730361d183086dfb0ddd8c61f01636" }, { "deprecated": false, "signature_type": "Function", "target": { "file": "drivers/usb/storage/isd200.c", "function": "isd200_get_inquiry_data" }, "id": "CVE-2024-27059-c1ed63b3", "digest": { "length": 2157.0, "function_hash": "148397277916442790836145525134080878263" }, "signature_version": "v1", "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@014bcf41d946b36a8f0b8e9b5d9529efbb822f49" }, { "deprecated": false, "signature_type": "Function", "target": { "file": "drivers/usb/storage/isd200.c", "function": "isd200_get_inquiry_data" }, "id": "CVE-2024-27059-c49504ad", "digest": { "length": 2157.0, "function_hash": "148397277916442790836145525134080878263" }, "signature_version": "v1", "source": 
"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@6c1f36d92c0a8799569055012665d2bb066fb964" }, { "deprecated": false, "signature_type": "Function", "target": { "file": "drivers/usb/storage/isd200.c", "function": "isd200_Initialization" }, "id": "CVE-2024-27059-cf2a0146", "digest": { "length": 387.0, "function_hash": "196681542267522556235569539497659862832" }, "signature_version": "v1", "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@871fd7b10b56d280990b7e754f43d888382ca325" }, { "deprecated": false, "signature_type": "Line", "target": { "file": "drivers/usb/storage/isd200.c" }, "id": "CVE-2024-27059-cf90e960", "digest": { "line_hashes": [ "82281717723977900547843313393159064985", "333378792834850168475798655997640474768", "229309443083624898593377991570787555505", "193270861340138967189589920655769449037", "302454997477029160363081212779401126609", "277546682701556098289387390586814094612", "107821156988789262896482093276513879447", "268366038150651137277373125961589905377", "214477129738289170443290310849160133332", "92832365652633598095163173570967837001", "193932607141855607169702574790039511337", "214757146298956801138599022881283445733", "34064397349578693317012442752311468401", "130483367756177126789619352913023963346", "310517952414705215857164386125346790203", "250238439621354126239037232352066946785", "41443090908617755281980553563804162758", "108160110628103169602774704809421184443", "120249169449004058414778138424649800848", "73035852448631115081089722263639442900", "286090376984517095787129848623306270903", "168531864343697935668351489078523022330", "213159295555920490160354743840035005523", "127116537434643587586045006681099302626" ], "threshold": 0.9 }, "signature_version": "v1", "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@f42ba916689f5c7b1642092266d2f53cf527aaaa" }, { "deprecated": false, "signature_type": "Line", "target": { "file": "drivers/usb/storage/isd200.c" }, "id": 
"CVE-2024-27059-de0b76b9", "digest": { "line_hashes": [ "82281717723977900547843313393159064985", "333378792834850168475798655997640474768", "229309443083624898593377991570787555505", "193270861340138967189589920655769449037", "302454997477029160363081212779401126609", "277546682701556098289387390586814094612", "107821156988789262896482093276513879447", "268366038150651137277373125961589905377", "214477129738289170443290310849160133332", "92832365652633598095163173570967837001", "193932607141855607169702574790039511337", "214757146298956801138599022881283445733", "34064397349578693317012442752311468401", "130483367756177126789619352913023963346", "310517952414705215857164386125346790203", "250238439621354126239037232352066946785", "41443090908617755281980553563804162758", "108160110628103169602774704809421184443", "120249169449004058414778138424649800848", "73035852448631115081089722263639442900", "286090376984517095787129848623306270903", "168531864343697935668351489078523022330", "213159295555920490160354743840035005523", "127116537434643587586045006681099302626" ], "threshold": 0.9 }, "signature_version": "v1", "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@014bcf41d946b36a8f0b8e9b5d9529efbb822f49" }, { "deprecated": false, "signature_type": "Function", "target": { "file": "drivers/usb/storage/isd200.c", "function": "isd200_Initialization" }, "id": "CVE-2024-27059-de49cd2c", "digest": { "length": 387.0, "function_hash": "196681542267522556235569539497659862832" }, "signature_version": "v1", "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@eb7b01ca778170654e1c76950024270ba74b121f" }, { "deprecated": false, "signature_type": "Function", "target": { "file": "drivers/usb/storage/isd200.c", "function": "isd200_Initialization" }, "id": "CVE-2024-27059-e9ea91d1", "digest": { "length": 387.0, "function_hash": "196681542267522556235569539497659862832" }, "signature_version": "v1", "source": 
"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@3a67d4ab9e730361d183086dfb0ddd8c61f01636" }, { "deprecated": false, "signature_type": "Line", "target": { "file": "drivers/usb/storage/isd200.c" }, "id": "CVE-2024-27059-eae86677", "digest": { "line_hashes": [ "82281717723977900547843313393159064985", "333378792834850168475798655997640474768", "229309443083624898593377991570787555505", "193270861340138967189589920655769449037", "302454997477029160363081212779401126609", "277546682701556098289387390586814094612", "107821156988789262896482093276513879447", "268366038150651137277373125961589905377", "214477129738289170443290310849160133332", "92832365652633598095163173570967837001", "22736974415367348709462513573404752109", "214757146298956801138599022881283445733", "34064397349578693317012442752311468401", "130483367756177126789619352913023963346", "310517952414705215857164386125346790203", "250238439621354126239037232352066946785", "41443090908617755281980553563804162758", "108160110628103169602774704809421184443", "120249169449004058414778138424649800848", "73035852448631115081089722263639442900", "286090376984517095787129848623306270903", "168531864343697935668351489078523022330", "213159295555920490160354743840035005523", "127116537434643587586045006681099302626" ], "threshold": 0.9 }, "signature_version": "v1", "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@9968c701cba7eda42e5f0052b040349d6222ae34" }, { "deprecated": false, "signature_type": "Function", "target": { "file": "drivers/usb/storage/isd200.c", "function": "isd200_Initialization" }, "id": "CVE-2024-27059-f843582a", "digest": { "length": 387.0, "function_hash": "196681542267522556235569539497659862832" }, "signature_version": "v1", "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@9968c701cba7eda42e5f0052b040349d6222ae34" } ] }