medium
5.5
CWE
369
Advisory Published
Updated

CVE-2024-43889: padata: Fix possible divide-by-0 panic in padata_mt_helper()

First published: Mon Aug 26 2024(Updated: )

In the Linux kernel, the following vulnerability has been resolved: padata: Fix possible divide-by-0 panic in padata_mt_helper() We are hit with a not easily reproducible divide-by-0 panic in padata.c at bootup time. [ 10.017908] Oops: divide error: 0000 1 PREEMPT SMP NOPTI [ 10.017908] CPU: 26 PID: 2627 Comm: kworker/u1666:1 Not tainted 6.10.0-15.el10.x86_64 #1 [ 10.017908] Hardware name: Lenovo ThinkSystem SR950 [7X12CTO1WW]/[7X12CTO1WW], BIOS [PSE140J-2.30] 07/20/2021 [ 10.017908] Workqueue: events_unbound padata_mt_helper [ 10.017908] RIP: 0010:padata_mt_helper+0x39/0xb0 : [ 10.017963] Call Trace: [ 10.017968] <TASK> [ 10.018004] ? padata_mt_helper+0x39/0xb0 [ 10.018084] process_one_work+0x174/0x330 [ 10.018093] worker_thread+0x266/0x3a0 [ 10.018111] kthread+0xcf/0x100 [ 10.018124] ret_from_fork+0x31/0x50 [ 10.018138] ret_from_fork_asm+0x1a/0x30 [ 10.018147] </TASK> Looking at the padata_mt_helper() function, the only way a divide-by-0 panic can happen is when ps->chunk_size is 0. The way that chunk_size is initialized in padata_do_multithreaded(), chunk_size can be 0 when the min_chunk in the passed-in padata_mt_job structure is 0. Fix this divide-by-0 panic by making sure that chunk_size will be at least 1 no matter what the input parameters are.

Credit: 416baaa9-dc9f-4396-8d5f-8c081fb06d67 416baaa9-dc9f-4396-8d5f-8c081fb06d67

Affected SoftwareAffected VersionHow to fix
Linux Kernel>=5.8<5.10.224
Linux Kernel>=5.11<5.15.165
Linux Kernel>=5.16<6.1.105
Linux Kernel>=6.2<6.6.46
Linux Kernel>=6.7<6.10.5
Linux Kernel=6.11-rc1
Linux Kernel=6.11-rc2
debian/linux<=5.10.223-1
5.10.234-1
6.1.123-1
6.1.128-1
6.12.12-1
6.12.17-1
debian/linux-6.1
6.1.128-1~deb11u1

Remedy

https://git.kernel.org/stable/c/6d45e1c948a8b7ed6ceddb14319af69424db730c

Remedy

https://git.kernel.org/stable/c/8f5ffd2af7274853ff91d6cd62541191d9fbd10d

Remedy

https://git.kernel.org/stable/c/924f788c906dccaca30acab86c7124371e1d6f2c

Remedy

https://git.kernel.org/stable/c/a29cfcb848c31f22b4de6a531c3e1d68c9bfe09f

Remedy

https://git.kernel.org/stable/c/ab8b397d5997d8c37610252528edc54bebf9f6d3

Remedy

https://git.kernel.org/stable/c/da0ffe84fcc1627a7dff82c80b823b94236af905

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

Reference Links

Frequently Asked Questions

  • What is the severity of CVE-2024-43889?

    CVE-2024-43889 has a severity level that indicates a potential risk of system crashes due to divide-by-0 panic in the Linux kernel.

  • How do I fix CVE-2024-43889?

    To fix CVE-2024-43889, update to the latest stable version of the Linux kernel, specifically versions such as 5.10.226-1 or 6.1.128-1.

  • What versions of the Linux kernel are affected by CVE-2024-43889?

    CVE-2024-43889 affects various versions of the Linux kernel, including versions from 5.8 to 6.10.5.

  • What is the impact of CVE-2024-43889 on systems?

    The impact of CVE-2024-43889 includes the potential for system instability and crashes during bootup due to a divide-by-0 error.

  • Where can I find more information about CVE-2024-43889?

    Detailed information about CVE-2024-43889 can be found on the official Linux kernel repositories and security documentation.

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2025 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203