fkie_cve-2025-39909
Vulnerability from fkie_nvd
Published
2025-10-01 08:15
Modified
2025-10-02 19:12
Severity ?
Summary
In the Linux kernel, the following vulnerability has been resolved:
mm/damon/lru_sort: avoid divide-by-zero in damon_lru_sort_apply_parameters()
Patch series "mm/damon: avoid divide-by-zero in DAMON module's parameters
application".
DAMON's RECLAIM and LRU_SORT modules perform no validation on
user-configured parameters during application, which may lead to
division-by-zero errors.
Avoid the divide-by-zero by adding validation checks when DAMON modules
attempt to apply the parameters.
This patch (of 2):
During the calculation of 'hot_thres' and 'cold_thres', either
'sample_interval' or 'aggr_interval' is used as the divisor, which may
lead to division-by-zero errors. Fix it by directly returning -EINVAL
when such a case occurs. Additionally, since 'aggr_interval' is already
required to be set no smaller than 'sample_interval' in damon_set_attrs(),
only the case where 'sample_interval' is zero needs to be checked.
References
Impacted products
| Vendor | Product | Version |
|---|
{
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nmm/damon/lru_sort: avoid divide-by-zero in damon_lru_sort_apply_parameters()\n\nPatch series \"mm/damon: avoid divide-by-zero in DAMON module\u0027s parameters\napplication\".\n\nDAMON\u0027s RECLAIM and LRU_SORT modules perform no validation on\nuser-configured parameters during application, which may lead to\ndivision-by-zero errors.\n\nAvoid the divide-by-zero by adding validation checks when DAMON modules\nattempt to apply the parameters.\n\n\nThis patch (of 2):\n\nDuring the calculation of \u0027hot_thres\u0027 and \u0027cold_thres\u0027, either\n\u0027sample_interval\u0027 or \u0027aggr_interval\u0027 is used as the divisor, which may\nlead to division-by-zero errors. Fix it by directly returning -EINVAL\nwhen such a case occurs. Additionally, since \u0027aggr_interval\u0027 is already\nrequired to be set no smaller than \u0027sample_interval\u0027 in damon_set_attrs(),\nonly the case where \u0027sample_interval\u0027 is zero needs to be checked."
}
],
"id": "CVE-2025-39909",
"lastModified": "2025-10-02T19:12:17.160",
"metrics": {},
"published": "2025-10-01T08:15:33.850",
"references": [
{
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"url": "https://git.kernel.org/stable/c/326a4b3750c71af3f3c52399ec4dbe33b6da4c26"
},
{
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"url": "https://git.kernel.org/stable/c/711f19dfd783ffb37ca4324388b9c4cb87e71363"
},
{
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"url": "https://git.kernel.org/stable/c/74e391f7da7d9d5235a3cca88ee9fc18f720c75b"
},
{
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"url": "https://git.kernel.org/stable/c/7bb675c9f0257840d33e5d1337d7e3afdd74a6bf"
},
{
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"url": "https://git.kernel.org/stable/c/af0ae62b935317bed1a1361c8c9579db9d300e70"
}
],
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"vulnStatus": "Awaiting Analysis"
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…
Loading…