CVE-2024-39482: 
Linux Kernel vulnerability analysis and mitigation

CVE-2024-39482 is a vulnerability in the Linux kernel's bcache subsystem, discovered and disclosed on July 5, 2024. The issue specifically affects the btree_iter implementation in the bcache component, where a variable length array is improperly used. The vulnerability affects Linux kernel versions from 5.10 up to (excluding) 5.10.221, 5.15 up to 5.15.162, 6.1 up to 6.1.94, 6.6 up to 6.6.34, and 6.9 up to 6.9.5 (NVD).

The vulnerability stems from the btreeiter structure being used in two ways: either allocated on the stack with a fixed size MAXBSETS, or from a mempool with a dynamic size based on the specific cache set. The struct previously had a fixed-length array of size MAXBSETS which was indexed out-of-bounds for dynamically-sized iterators, causing UBSAN to complain. The issue was resolved by splitting the iterator into a btreeiter with a flexible array member and a btreeiterstack which embeds a btree_iter as well as a fixed-length data array. The vulnerability has been assigned a CVSS v3.1 base score of 5.5 (Medium) with vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H (NVD).

The vulnerability affects system availability through potential out-of-bounds array access in the bcache subsystem. While there are no direct confidentiality or integrity impacts, the vulnerability could lead to system instability or crashes when the bcache component is in use (NVD).

The vulnerability has been fixed in the Linux kernel through a patch that restructures the btree_iter implementation. Fixed versions include Linux kernel 5.10.221, 5.15.162, 6.1.94, 6.6.34, and 6.9.5. Users are advised to update to these or later versions. The fix has been backported to various stable kernel branches (Kernel Patch).