CVSS 3.1 Score 5.5 of 10 (medium)


Published Jan 23, 2024
Updated: Feb 28, 2024


CVE-2024-23850 is a vulnerability that affects the Linux kernel through version 6.7.1. It is classified as a medium severity vulnerability with a base score of 5.5. The vulnerability can be exploited locally, with low privileges required and no user interaction necessary. It does not have an impact on integrity or confidentiality, but it poses a high risk to availability. The vulnerability occurs in the btrfs_get_root_ref function, which can lead to an assertion failure and crash when a subvolume is read out too soon after its root item is inserted upon subvolume creation. There are 325 known instances of this vulnerability being exploited, and it affects multiple products including Qtrc2o, ohMfk4, Qtrc2i, ohMfk3, ohMfk2, Qtrc2m, QtrdW7, ohMfku, Qtrc2_, and more. No remediation steps or further details on potential dangers to organizations are provided in the source information from [email protected].

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.


Prioritize, Pinpoint, and Act to Prevent Vulnerability Exploits with Recorded Future

Note: This is just a basic overview providing quick insights into CVE-2024-23850 information. Gain full access to comprehensive CVE data, third party vulnerabilities, compromised credentials and more with Recorded Future
  • Gain complete coverage of your cyber, third party, and physical attack surface
  • Proactively mitigate threats before they turn into costly attacks
  • Make fast, effective, data-driven decisions