{"dataType":"CVE_RECORD","cveMetadata":{"cveId":"CVE-2024-35983","assignerOrgId":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","state":"PUBLISHED","assignerShortName":"Linux","dateReserved":"2024-05-17T13:50:33.145Z","datePublished":"2024-05-20T09:47:51.079Z","dateUpdated":"2025-05-04T12:56:10.604Z"},"containers":{"cna":{"providerMetadata":{"orgId":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","shortName":"Linux","dateUpdated":"2025-05-04T12:56:10.604Z"},"descriptions":[{"lang":"en","value":"In the Linux kernel, the following vulnerability has been resolved:\n\nbounds: Use the right number of bits for power-of-two CONFIG_NR_CPUS\n\nbits_per() rounds up to the next power of two when passed a power of\ntwo.  This causes crashes on some machines and configurations."}],"affected":[{"product":"Linux","vendor":"Linux","defaultStatus":"unaffected","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","programFiles":["kernel/bounds.c"],"versions":[{"version":"d6077e0d38b4953c863d0db4a5b3f41d21e0d546","lessThan":"d34a516f2635090d36a306f84573e8de3d7374ce","status":"affected","versionType":"git"},{"version":"83a2275f9d3230c761014b1467888b1ef469be74","lessThan":"66297b2ceda841f809637731d287bda3a93b49d8","status":"affected","versionType":"git"},{"version":"d2a7a81088c6abe778b0a93a7eeb79487a943818","lessThan":"93ba36238db6a74a82feb3dc476e25ea424ad630","status":"affected","versionType":"git"},{"version":"428ca0000f0abd5c99354c52a36becf2b815ca21","lessThan":"9b7c5004d7c5ae062134052a85290869a015814c","status":"affected","versionType":"git"},{"version":"b46c822f8b555b9513df44047b0e72c06720df62","lessThan":"15aa09d6d84629eb5296de30ac0aa19a33512f16","status":"affected","versionType":"git"},{"version":"cf778fff03be1ee88c49b72959650147573c3301","lessThan":"ebfe41889b762f1933c6762f6624b9724a25bee0","status":"affected","versionType":"git"},{"version":"f2d5dcb48f7ba9e3ff249d58fc1fa963d374e66a","lessThan":"5af385f5f4cddf908f663974847a4083b2ff2c79","status":"affected","versionType":"git"},{"version":"b2e1b090a590d41abe647eadb6bf2a5dc47b63ab","status":"affected","versionType":"git"}]},{"product":"Linux","vendor":"Linux","defaultStatus":"unaffected","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","programFiles":["kernel/bounds.c"],"versions":[{"version":"5.4.274","lessThan":"5.4.275","status":"affected","versionType":"semver"},{"version":"5.10.215","lessThan":"5.10.216","status":"affected","versionType":"semver"},{"version":"5.15.154","lessThan":"5.15.158","status":"affected","versionType":"semver"},{"version":"6.1.84","lessThan":"6.1.90","status":"affected","versionType":"semver"},{"version":"6.6.24","lessThan":"6.6.30","status":"affected","versionType":"semver"},{"version":"6.8.3","lessThan":"6.8.9","status":"affected","versionType":"semver"}]}],"cpeApplicability":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.4.274","versionEndExcluding":"5.4.275"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.10.215","versionEndExcluding":"5.10.216"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.15.154","versionEndExcluding":"5.15.158"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.1.84","versionEndExcluding":"6.1.90"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.6.24","versionEndExcluding":"6.6.30"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.8.3","versionEndExcluding":"6.8.9"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.7.12"}]}]}],"references":[{"url":"https://git.kernel.org/stable/c/d34a516f2635090d36a306f84573e8de3d7374ce"},{"url":"https://git.kernel.org/stable/c/66297b2ceda841f809637731d287bda3a93b49d8"},{"url":"https://git.kernel.org/stable/c/93ba36238db6a74a82feb3dc476e25ea424ad630"},{"url":"https://git.kernel.org/stable/c/9b7c5004d7c5ae062134052a85290869a015814c"},{"url":"https://git.kernel.org/stable/c/15aa09d6d84629eb5296de30ac0aa19a33512f16"},{"url":"https://git.kernel.org/stable/c/ebfe41889b762f1933c6762f6624b9724a25bee0"},{"url":"https://git.kernel.org/stable/c/5af385f5f4cddf908f663974847a4083b2ff2c79"}],"title":"bounds: Use the right number of bits for power-of-two CONFIG_NR_CPUS","x_generator":{"engine":"bippy-1.2.0"}},"adp":[{"title":"CISA ADP Vulnrichment","metrics":[{"other":{"type":"ssvc","content":{"id":"CVE-2024-35983","role":"CISA Coordinator","options":[{"Exploitation":"none"},{"Automatable":"no"},{"Technical Impact":"partial"}],"version":"2.0.3","timestamp":"2024-05-20T13:33:05.860363Z"}}}],"providerMetadata":{"orgId":"134c704f-9b21-4f2e-91b3-4a467353bcc0","shortName":"CISA-ADP","dateUpdated":"2024-06-04T17:34:16.061Z"}},{"providerMetadata":{"orgId":"af854a3a-2127-422b-91ae-364da2661108","shortName":"CVE","dateUpdated":"2024-08-02T03:21:49.040Z"},"title":"CVE Program Container","references":[{"url":"https://git.kernel.org/stable/c/d34a516f2635090d36a306f84573e8de3d7374ce","tags":["x_transferred"]},{"url":"https://git.kernel.org/stable/c/66297b2ceda841f809637731d287bda3a93b49d8","tags":["x_transferred"]},{"url":"https://git.kernel.org/stable/c/93ba36238db6a74a82feb3dc476e25ea424ad630","tags":["x_transferred"]},{"url":"https://git.kernel.org/stable/c/9b7c5004d7c5ae062134052a85290869a015814c","tags":["x_transferred"]},{"url":"https://git.kernel.org/stable/c/15aa09d6d84629eb5296de30ac0aa19a33512f16","tags":["x_transferred"]},{"url":"https://git.kernel.org/stable/c/ebfe41889b762f1933c6762f6624b9724a25bee0","tags":["x_transferred"]},{"url":"https://git.kernel.org/stable/c/5af385f5f4cddf908f663974847a4083b2ff2c79","tags":["x_transferred"]},{"url":"https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html","tags":["x_transferred"]}]}]},"dataVersion":"5.1"}