CVE-2024-46840
N/A
Summary
In the Linux kernel, the following vulnerability has been resolved:
btrfs: clean up our handling of refs == 0 in snapshot delete
In reada we BUG_ON(refs == 0), which could be unkind since we aren't holding a lock on the extent leaf and thus could get a transient incorrect answer. In walk_down_proc we also BUG_ON(refs == 0), which could happen if we have extent tree corruption. Change that to return -EUCLEAN. In do_walk_down() we catch this case and handle it correctly, however we return -EIO, which -EUCLEAN is a more appropriate error code. Finally in walk_up_proc we have the same BUG_ON(refs == 0), so convert that to proper error handling. Also adjust the error message so we can actually do something with the information.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Linux | Linux | 2c47e605a91dde6b0514f689645e7ab336c8592a < c847b28a799733b04574060ab9d00f215970627d | affected |
| Linux | Linux | 2c47e605a91dde6b0514f689645e7ab336c8592a < 71291aa7246645ef622621934d2067400380645e | affected |
| Linux | Linux | 2c47e605a91dde6b0514f689645e7ab336c8592a < c60676b81fab456b672796830f6d8057058f029c | affected |
| Linux | Linux | 2c47e605a91dde6b0514f689645e7ab336c8592a < 728d4d045b628e006b48a448f3326a7194c88d32 | affected |
| Linux | Linux | 2c47e605a91dde6b0514f689645e7ab336c8592a < 9cc887ac24b7a0598f4042ae9af6b9a33072f75b | affected |
| Linux | Linux | 2c47e605a91dde6b0514f689645e7ab336c8592a < 7d1df13bf078ffebfedd361d714ff6cee1ff01b9 | affected |
| Linux | Linux | 2c47e605a91dde6b0514f689645e7ab336c8592a < 03804641ec2d0da4fa088ad21c88e703d151ce16 | affected |
| Linux | Linux | 2c47e605a91dde6b0514f689645e7ab336c8592a < b8ccef048354074a548f108e51d0557d6adfd3a3 | affected |
| Linux | Linux | 2.6.31 | affected |
| Linux | Linux | 0 < 2.6.31 | unaffected |
| Linux | Linux | 4.19.322 <= 4.19.* | unaffected |
| Linux | Linux | 5.4.284 <= 5.4.* | unaffected |
| Linux | Linux | 5.10.226 <= 5.10.* | unaffected |
| Linux | Linux | 5.15.167 <= 5.15.* | unaffected |
| Linux | Linux | 6.1.110 <= 6.1.* | unaffected |
| Linux | Linux | 6.6.51 <= 6.6.* | unaffected |
| Linux | Linux | 6.10.10 <= 6.10.* | unaffected |
| Linux | Linux | 6.11 <= * | unaffected |
Weaknesses
ADP Enrichment
CISA ADP Vulnrichment
- SSVC:
- Exploitation: none
- Automatable: no
- Technical Impact: partial
CVE Program Container
Additional References
- https://lists.debian.org/debian-lts-announce/2025/01/msg00001.html
- https://lists.debian.org/debian-lts-announce/2024/10/msg00003.html
References
- https://git.kernel.org/stable/c/c847b28a799733b04574060ab9d00f215970627d
- https://git.kernel.org/stable/c/71291aa7246645ef622621934d2067400380645e
- https://git.kernel.org/stable/c/c60676b81fab456b672796830f6d8057058f029c
- https://git.kernel.org/stable/c/728d4d045b628e006b48a448f3326a7194c88d32
- https://git.kernel.org/stable/c/9cc887ac24b7a0598f4042ae9af6b9a33072f75b
- https://git.kernel.org/stable/c/7d1df13bf078ffebfedd361d714ff6cee1ff01b9
- https://git.kernel.org/stable/c/03804641ec2d0da4fa088ad21c88e703d151ce16
- https://git.kernel.org/stable/c/b8ccef048354074a548f108e51d0557d6adfd3a3
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.