In the Linux kernel, the following vulnerability has been resolved:
block: fix overflow in blk_ioctl_discard()
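There is no check for overflow of 'start + len' in blk_ioctl_discard(). A hung task occurs if a discard ioctl is submitted with the following parameters: start = 0x80000000000ff000, len = 0x8000000000fff000. With these values the sum exceeds 64 bits and wraps around to 0x10fe000, so a range check performed on 'start + len' alone would not reject the request. Add the overflow validation now.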
{ "vanir_signatures": [ { "signature_version": "v1", "signature_type": "Function", "target": { "file": "block/ioctl.c", "function": "blk_ioctl_discard" }, "id": "CVE-2024-36917-0897acdb", "digest": { "length": 732.0, "function_hash": "190659455852529838209960606443687182970" }, "deprecated": false, "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@507d526a98c355e6f3fb2c47aacad44a69784bee" }, { "signature_version": "v1", "signature_type": "Function", "target": { "file": "block/ioctl.c", "function": "blk_ioctl_discard" }, "id": "CVE-2024-36917-49f9e3f3", "digest": { "length": 732.0, "function_hash": "190659455852529838209960606443687182970" }, "deprecated": false, "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@e1d38cde2b7b0fbd1c48082e7a98c37d750af59b" }, { "signature_version": "v1", "signature_type": "Line", "target": { "file": "block/ioctl.c" }, "id": "CVE-2024-36917-5dabeec8", "digest": { "line_hashes": [ "327707026604383224755330566178992527776", "24984103917650065323948365865682657589", "335527526161466452465969529313056129458", "107894198399489929448181325268997551935", "191748985194335134612644948190618087421", "285427463023134696977922066672356068502", "272949879687161547533553458232702624583", "181396652868462738277786451202405724111" ], "threshold": 0.9 }, "deprecated": false, "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@22d24a544b0d49bbcbd61c8c0eaf77d3c9297155" }, { "signature_version": "v1", "signature_type": "Line", "target": { "file": "block/ioctl.c" }, "id": "CVE-2024-36917-965507bc", "digest": { "line_hashes": [ "327707026604383224755330566178992527776", "24984103917650065323948365865682657589", "335527526161466452465969529313056129458", "107894198399489929448181325268997551935", "191748985194335134612644948190618087421", "285427463023134696977922066672356068502", "272949879687161547533553458232702624583", "181396652868462738277786451202405724111" ], "threshold": 0.9 
}, "deprecated": false, "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@507d526a98c355e6f3fb2c47aacad44a69784bee" }, { "signature_version": "v1", "signature_type": "Function", "target": { "file": "block/ioctl.c", "function": "blk_ioctl_discard" }, "id": "CVE-2024-36917-a5f0891d", "digest": { "length": 732.0, "function_hash": "190659455852529838209960606443687182970" }, "deprecated": false, "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@22d24a544b0d49bbcbd61c8c0eaf77d3c9297155" }, { "signature_version": "v1", "signature_type": "Line", "target": { "file": "block/ioctl.c" }, "id": "CVE-2024-36917-aa13c1aa", "digest": { "line_hashes": [ "327707026604383224755330566178992527776", "24984103917650065323948365865682657589", "335527526161466452465969529313056129458", "107894198399489929448181325268997551935", "191748985194335134612644948190618087421", "285427463023134696977922066672356068502", "272949879687161547533553458232702624583", "181396652868462738277786451202405724111" ], "threshold": 0.9 }, "deprecated": false, "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@e1d38cde2b7b0fbd1c48082e7a98c37d750af59b" } ] }