CVE-2024-23850

CVSS 3.1 Score 5.5 of 10 (medium)

Details

Published Jan 23, 2024
Updated: Feb 28, 2024

Summary

CVE-2024-23850 is a vulnerability that affects the Linux kernel through version 6.7.1. It is classified as a medium severity vulnerability with a base score of 5.5. The vulnerability can be exploited locally, with low privileges required and no user interaction necessary. It does not have an impact on integrity or confidentiality, but it poses a high risk to availability. The vulnerability occurs in the btrfs_get_root_ref function, which can lead to an assertion failure and crash when a subvolume is read out too soon after its root item is inserted upon subvolume creation. There are 325 known instances of this vulnerability being exploited, and it affects multiple products including Qtrc2o, ohMfk4, Qtrc2i, ohMfk3, ohMfk2, Qtrc2m, QtrdW7, ohMfku, Qtrc2_, and more. No remediation steps or further details on potential dangers to organizations are provided in the source information from nvd@nist.gov.

Explore Beyond the CVE Basics with Recorded Future's Vulnerability Intelligence

Note: This is just a basic overview providing quick insights into CVE-2024-23850 information. Gain full access to comprehensive CVE data, risk scores, prioritization, and mitigation data through Recorded Future's Vulnerability Intelligence:
  • Prioritize with Risk-Based Scoring
  • Explore the Extensive Vulnerability Database
  • Receive Early Alerts on Emerging CVEs
  • Focus on Critical Exploitable Vulnerabilities
  • Streamline Remediation with Integration Options