Detections
Analytics

CVE-2025-39909

medium

Description

In the Linux kernel, the following vulnerability has been resolved: mm/damon/lru_sort: avoid divide-by-zero in damon_lru_sort_apply_parameters() Patch series "mm/damon: avoid divide-by-zero in DAMON module's parameters application". DAMON's RECLAIM and LRU_SORT modules perform no validation on user-configured parameters during application, which may lead to division-by-zero errors. Avoid the divide-by-zero by adding validation checks when DAMON modules attempt to apply the parameters. This patch (of 2): During the calculation of 'hot_thres' and 'cold_thres', either 'sample_interval' or 'aggr_interval' is used as the divisor, which may lead to division-by-zero errors. Fix it by directly returning -EINVAL when such a case occurs. Additionally, since 'aggr_interval' is already required to be set no smaller than 'sample_interval' in damon_set_attrs(), only the case where 'sample_interval' is zero needs to be checked.

References

https://git.kernel.org/stable/c/af0ae62b935317bed1a1361c8c9579db9d300e70

https://git.kernel.org/stable/c/7bb675c9f0257840d33e5d1337d7e3afdd74a6bf

https://git.kernel.org/stable/c/74e391f7da7d9d5235a3cca88ee9fc18f720c75b

https://git.kernel.org/stable/c/711f19dfd783ffb37ca4324388b9c4cb87e71363

https://git.kernel.org/stable/c/326a4b3750c71af3f3c52399ec4dbe33b6da4c26

Details

Source: Mitre, NVD

Published: 2025-10-01

Updated: 2025-10-02

Risk Information

CVSS v2

Base Score: 4.3

Vector: CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:P

Severity: Medium

CVSS v3

Base Score: 5.5

Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Severity: Medium

EPSS

EPSS: 0.00018