Alma Linux: CVE-2024-43889: Moderate: kernel security update (Multiple Advisories)

Alma Linux: CVE-2024-43889: Moderate: kernel security update (Multiple Advisories)

Severity

5

CVSS

(AV:L/AC:L/Au:S/C:N/I:N/A:C)

Published

08/26/2024

Created

11/08/2024

Added

11/07/2024

Modified

01/28/2025

Description

In the Linux kernel, the following vulnerability has been resolved: padata: Fix possible divide-by-0 panic in padata_mt_helper() We are hit with a not easily reproducible divide-by-0 panic in padata.c at bootup time. [ 10.017908] Oops: divide error: 0000 1 PREEMPT SMP NOPTI [ 10.017908] CPU: 26 PID: 2627 Comm: kworker/u1666:1 Not tainted 6.10.0-15.el10.x86_64 #1 [ 10.017908] Hardware name: Lenovo ThinkSystem SR950 [7X12CTO1WW]/[7X12CTO1WW], BIOS [PSE140J-2.30] 07/20/2021 [ 10.017908] Workqueue: events_unbound padata_mt_helper [ 10.017908] RIP: 0010:padata_mt_helper+0x39/0xb0 : [ 10.017963] Call Trace: [ 10.017968]<TASK> [ 10.018004]? padata_mt_helper+0x39/0xb0 [ 10.018084]process_one_work+0x174/0x330 [ 10.018093]worker_thread+0x266/0x3a0 [ 10.018111]kthread+0xcf/0x100 [ 10.018124]ret_from_fork+0x31/0x50 [ 10.018138]ret_from_fork_asm+0x1a/0x30 [ 10.018147]</TASK> Looking at the padata_mt_helper() function, the only way a divide-by-0 panic can happen is when ps->chunk_size is 0.The way that chunk_size is initialized in padata_do_multithreaded(), chunk_size can be 0 when the min_chunk in the passed-in padata_mt_job structure is 0. Fix this divide-by-0 panic by making sure that chunk_size will be at least 1 no matter what the input parameters are.

Solution(s)

• alma-upgrade-bpftool
• alma-upgrade-kernel
• alma-upgrade-kernel-abi-stablelists
• alma-upgrade-kernel-core
• alma-upgrade-kernel-cross-headers
• alma-upgrade-kernel-debug
• alma-upgrade-kernel-debug-core
• alma-upgrade-kernel-debug-devel
• alma-upgrade-kernel-debug-modules
• alma-upgrade-kernel-debug-modules-extra
• alma-upgrade-kernel-devel
• alma-upgrade-kernel-doc
• alma-upgrade-kernel-headers
• alma-upgrade-kernel-modules
• alma-upgrade-kernel-modules-extra
• alma-upgrade-kernel-rt
• alma-upgrade-kernel-rt-core
• alma-upgrade-kernel-rt-debug
• alma-upgrade-kernel-rt-debug-core
• alma-upgrade-kernel-rt-debug-devel
• alma-upgrade-kernel-rt-debug-modules
• alma-upgrade-kernel-rt-debug-modules-extra
• alma-upgrade-kernel-rt-devel
• alma-upgrade-kernel-rt-modules
• alma-upgrade-kernel-rt-modules-extra
• alma-upgrade-kernel-tools
• alma-upgrade-kernel-tools-libs
• alma-upgrade-kernel-tools-libs-devel
• alma-upgrade-kernel-zfcpdump
• alma-upgrade-kernel-zfcpdump-core
• alma-upgrade-kernel-zfcpdump-devel
• alma-upgrade-kernel-zfcpdump-modules
• alma-upgrade-kernel-zfcpdump-modules-extra
• alma-upgrade-perf
• alma-upgrade-python3-perf

References

• https://attackerkb.com/topics/cve-2024-43889
• CVE - 2024-43889
• https://errata.almalinux.org/8/ALSA-2024-8856.html
• https://errata.almalinux.org/8/ALSA-2024-8870.html