CVE-2024-27059
Severity CVSS v4.0:
Pending analysis
Type:
CWE-369
Divide By Zero
Publication date:
01/05/2024
Last modified:
14/01/2025
Description
In the Linux kernel, the following vulnerability has been resolved:<br />
<br />
USB: usb-storage: Prevent divide-by-0 error in isd200_ata_command<br />
<br />
The isd200 sub-driver in usb-storage uses the HEADS and SECTORS values<br />
in the ATA ID information to calculate cylinder and head values when<br />
creating a CDB for READ or WRITE commands. The calculation involves<br />
division and modulus operations, which will cause a crash if either of<br />
these values is 0. While this never happens with a genuine device, it<br />
could happen with a flawed or subversive emulation, as reported by the<br />
syzbot fuzzer.<br />
<br />
Protect against this possibility by refusing to bind to the device if<br />
either the ATA_ID_HEADS or ATA_ID_SECTORS value in the device&#39;s ID<br />
information is 0. This requires isd200_Initialization() to return a<br />
negative error code when initialization fails; currently it always<br />
returns 0 (even when there is an error).
Impact
Base Score 3.x
5.50
Severity 3.x
MEDIUM
Vulnerable products and versions
| CPE | From | Up to |
|---|---|---|
| cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | 2.6.12 (including) | 4.19.312 (excluding) |
| cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | 4.20 (including) | 5.4.274 (excluding) |
| cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | 5.5 (including) | 5.10.215 (excluding) |
| cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | 5.11 (including) | 5.15.154 (excluding) |
| cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | 5.16 (including) | 6.1.84 (excluding) |
| cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | 6.2 (including) | 6.6.64 (excluding) |
| cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | 6.7 (including) | 6.7.12 (excluding) |
| cpe:2.3:o:linux:linux_kernel:6.8:rc1:*:*:*:*:*:* | ||
| cpe:2.3:o:linux:linux_kernel:6.8:rc2:*:*:*:*:*:* | ||
| cpe:2.3:o:linux:linux_kernel:6.8:rc3:*:*:*:*:*:* | ||
| cpe:2.3:o:linux:linux_kernel:6.8:rc4:*:*:*:*:*:* | ||
| cpe:2.3:o:linux:linux_kernel:6.8:rc5:*:*:*:*:*:* | ||
| cpe:2.3:o:linux:linux_kernel:6.8:rc6:*:*:*:*:*:* | ||
| cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:* |
To consult the complete list of CPE names with products and versions, see this page
References to Advisories, Solutions, and Tools
- https://git.kernel.org/stable/c/014bcf41d946b36a8f0b8e9b5d9529efbb822f49
- https://git.kernel.org/stable/c/284fb1003d5da111019b9e0bf99b084fd71ac133
- https://git.kernel.org/stable/c/3a67d4ab9e730361d183086dfb0ddd8c61f01636
- https://git.kernel.org/stable/c/6c1f36d92c0a8799569055012665d2bb066fb964
- https://git.kernel.org/stable/c/871fd7b10b56d280990b7e754f43d888382ca325
- https://git.kernel.org/stable/c/9968c701cba7eda42e5f0052b040349d6222ae34
- https://git.kernel.org/stable/c/eb7b01ca778170654e1c76950024270ba74b121f
- https://git.kernel.org/stable/c/f42ba916689f5c7b1642092266d2f53cf527aaaa
- https://git.kernel.org/stable/c/014bcf41d946b36a8f0b8e9b5d9529efbb822f49
- https://git.kernel.org/stable/c/284fb1003d5da111019b9e0bf99b084fd71ac133
- https://git.kernel.org/stable/c/3a67d4ab9e730361d183086dfb0ddd8c61f01636
- https://git.kernel.org/stable/c/6c1f36d92c0a8799569055012665d2bb066fb964
- https://git.kernel.org/stable/c/871fd7b10b56d280990b7e754f43d888382ca325
- https://git.kernel.org/stable/c/9968c701cba7eda42e5f0052b040349d6222ae34
- https://git.kernel.org/stable/c/eb7b01ca778170654e1c76950024270ba74b121f
- https://git.kernel.org/stable/c/f42ba916689f5c7b1642092266d2f53cf527aaaa
- https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html
- https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html