{ "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", "CVE_data_meta": { "ID": "CVE-2024-53187", "ASSIGNER": "cve@kernel.org", "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nio_uring: check for overflows in io_pin_pages\n\nWARNING: CPU: 0 PID: 5834 at io_uring/memmap.c:144 io_pin_pages+0x149/0x180 io_uring/memmap.c:144\nCPU: 0 UID: 0 PID: 5834 Comm: syz-executor825 Not tainted 6.12.0-next-20241118-syzkaller #0\nCall Trace:\n \n __io_uaddr_map+0xfb/0x2d0 io_uring/memmap.c:183\n io_rings_map io_uring/io_uring.c:2611 [inline]\n io_allocate_scq_urings+0x1c0/0x650 io_uring/io_uring.c:3470\n io_uring_create+0x5b5/0xc00 io_uring/io_uring.c:3692\n io_uring_setup io_uring/io_uring.c:3781 [inline]\n ...\n \n\nio_pin_pages()'s uaddr parameter came directly from the user and can be\ngarbage. Don't just add size to it as it can overflow." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "affects": { "vendor": { "vendor_data": [ { "vendor_name": "Linux", "product": { "product_data": [ { "product_name": "Linux", "version": { "version_data": [ { "version_affected": "<", "version_name": "1da177e4c3f41524e886b7f1b8a0c1fc7321cac2", "version_value": "29eac3eca72d4c2a71122050c37cd7d8f73ac4f3" }, { "version_value": "not down converted", "x_cve_json_5_version_data": { "versions": [ { "version": "6.11.11", "lessThanOrEqual": "6.11.*", "status": "unaffected", "versionType": "semver" }, { "version": "6.12.2", "lessThanOrEqual": "6.12.*", "status": "unaffected", "versionType": "semver" }, { "version": "6.13-rc1", "lessThanOrEqual": "*", "status": "unaffected", "versionType": "original_commit_for_fix" } ], "defaultStatus": "affected" } } ] } } ] } } ] } }, "references": { "reference_data": [ { "url": "https://git.kernel.org/stable/c/29eac3eca72d4c2a71122050c37cd7d8f73ac4f3", "refsource": "MISC", "name": "https://git.kernel.org/stable/c/29eac3eca72d4c2a71122050c37cd7d8f73ac4f3" }, { "url": "https://git.kernel.org/stable/c/aaa90844afd499c9142d0199dfda74439314c013", "refsource": "MISC", "name": "https://git.kernel.org/stable/c/aaa90844afd499c9142d0199dfda74439314c013" }, { "url": "https://git.kernel.org/stable/c/0c0a4eae26ac78379d0c1db053de168a8febc6c9", "refsource": "MISC", "name": "https://git.kernel.org/stable/c/0c0a4eae26ac78379d0c1db053de168a8febc6c9" } ] }, "generator": { "engine": "bippy-5f407fcff5a0" } }