#VU95035 Integer overflow in Linux kernel - CVE-2024-42131

Vulnerability identifier: #VU95035

Vulnerability risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-42131

CWE-ID: CWE-190

Exploitation vector: Local

Exploit availability: No

Vulnerable software:
Linux kernel
Operating systems & Components / Operating system

Vendor: Linux Foundation

Description

The vulnerability allows a local user to execute arbitrary code.

The vulnerability exists due to integer overflow within the domain_dirty_limits(), node_dirty_limit(), dirty_background_bytes_handler() and dirty_bytes_handler() functions in mm/page-writeback.c. A local user can execute arbitrary code.

Mitigation
Install update from vendor's website.

Vulnerable software versions

Linux kernel: All versions

---

External links
https://git.kernel.org/stable/c/7a49389771ae7666f4dc3426e2a4594bf23ae290
https://git.kernel.org/stable/c/a25e8536184516b55ef89ab91dd2eea429de28d2
https://git.kernel.org/stable/c/c83ed422c24f0d4b264f89291d4fabe285f80dbc
https://git.kernel.org/stable/c/bd16a7ee339aef3ee4c90cb23902afb6af379ea0
https://git.kernel.org/stable/c/8e0b5e7f2895eccef5c2a0018b589266f90c4805
https://git.kernel.org/stable/c/385d838df280eba6c8680f9777bfa0d0bfe7e8b2

---

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.