{"id":"CVE-2024-36917","summary":"block: fix overflow in blk_ioctl_discard()","details":"In the Linux kernel, the following vulnerability has been resolved:\n\nblock: fix overflow in blk_ioctl_discard()\n\nThere is no check for overflow of 'start + len' in blk_ioctl_discard().\nHung task occurs if submit an discard ioctl with the following param:\n  start = 0x80000000000ff000, len = 0x8000000000fff000;\nAdd the overflow validation now.","modified":"2026-05-18T05:56:05.665501869Z","published":"2024-05-30T15:29:13.327Z","related":["ALSA-2024:5102","SUSE-SU-2024:2360-1","SUSE-SU-2024:2372-1","SUSE-SU-2024:2381-1","SUSE-SU-2024:2394-1","SUSE-SU-2024:2561-1","SUSE-SU-2024:2571-1","SUSE-SU-2024:2896-1","SUSE-SU-2024:2939-1","SUSE-SU-2024:2973-1","SUSE-SU-2025:20008-1","SUSE-SU-2025:20028-1"],"database_specific":{"cna_assigner":"Linux","osv_generated_from":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2024/36xxx/CVE-2024-36917.json"},"references":[{"type":"WEB","url":"https://git.kernel.org/stable/c/22d24a544b0d49bbcbd61c8c0eaf77d3c9297155"},{"type":"WEB","url":"https://git.kernel.org/stable/c/507d526a98c355e6f3fb2c47aacad44a69784bee"},{"type":"WEB","url":"https://git.kernel.org/stable/c/8a26198186e97ee5fc4b42fde82629cff8c75cd6"},{"type":"WEB","url":"https://git.kernel.org/stable/c/e1d38cde2b7b0fbd1c48082e7a98c37d750af59b"},{"type":"ADVISORY","url":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2024/36xxx/CVE-2024-36917.json"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2024-36917"},{"type":"PACKAGE","url":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","events":[{"introduced":"d30a2605be9d5132d95944916e8f578fcfe4f976"},{"fixed":"8a26198186e97ee5fc4b42fde82629cff8c75cd6"},{"fixed":"e1d38cde2b7b0fbd1c48082e7a98c37d750af59b"},{"fixed":"507d526a98c355e6f3fb2c47aacad44a69784bee"},{"fixed":"22d24a544b0d49bbcbd61c8c0eaf77d3c9297155"}]}],"database_specific":{"source":"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2024-36917.json"}},{"package":{"name":"Kernel","ecosystem":"Linux"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"2.6.28"},{"fixed":"6.1.91"}]},{"type":"ECOSYSTEM","events":[{"introduced":"6.2.0"},{"fixed":"6.6.31"}]},{"type":"ECOSYSTEM","events":[{"introduced":"6.7.0"},{"fixed":"6.8.10"}]}],"database_specific":{"source":"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2024-36917.json"}}],"schema_version":"1.7.5"}