CVE-2024-46752

MEDIUM

Linux Kernel < 5.15.167, 5.16.0-6.1.110, 6.2.0-6.6.51, 6.7.0-6.10.10 Btrfs DoS

Title source: llm

Description

In the Linux kernel, the following vulnerability has been resolved: btrfs: replace BUG_ON() with error handling at update_ref_for_cow() Instead of a BUG_ON() just return an error, log an error message and abort the transaction in case we find an extent buffer belonging to the relocation tree that doesn't have the full backref flag set. This is unexpected and should never happen (save for bugs or a potential bad memory).

References (6)

Core 6

Core References

Mailing List

https://lists.debian.org/debian-lts-announce/2025/01/msg00001.html

Patch

https://git.kernel.org/stable/c/b50857b96429a09fd3beed9f7f21b7bb7c433688

Patch

https://git.kernel.org/stable/c/0fbac73a97286a7ec72229cb9b42d760a2c717ac

Patch

https://git.kernel.org/stable/c/41a0f85e268d72fe04f731b8ceea4748c2d65491

Patch

https://git.kernel.org/stable/c/f895db00c65e5d77c437cce946da9ec29dcdf563

Patch

https://git.kernel.org/stable/c/b56329a782314fde5b61058e2a25097af7ccb675

Scores

CVSS v3 5.5

EPSS 0.0024

EPSS Percentile 15.5%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

CISA SSVC

Vulnrichment

Exploitation none

Automatable no

Technical Impact partial

Details

CWE

CWE-404

Status published

Products (17)

linux/Kernel 2.6.31 - 5.15.167linux

linux/Kernel 5.16.0 - 6.1.110linux

linux/Kernel 6.2.0 - 6.6.51linux

linux/Kernel 6.7.0 - 6.10.10linux

Linux/Linux < 2.6.31

Linux/Linux 2.6.31

Linux/Linux 5.15.167 - 5.15.*

Linux/Linux 5d4f98a28c7d334091c1b7744f48a1acdd2a4ae0 - 0fbac73a97286a7ec72229cb9b42d760a2c717ac

Linux/Linux 5d4f98a28c7d334091c1b7744f48a1acdd2a4ae0 - 41a0f85e268d72fe04f731b8ceea4748c2d65491

Linux/Linux 5d4f98a28c7d334091c1b7744f48a1acdd2a4ae0 - b50857b96429a09fd3beed9f7f21b7bb7c433688

... and 7 more

Published Sep 18, 2024

Tracked Since Feb 18, 2026