CVE-2024-23850
CVSS 3.1 Score 5.5 of 10 (medium)
Details
Summary
CVE-2024-23850 is a vulnerability that affects the Linux kernel through version 6.7.1. It is classified as a medium severity vulnerability with a base score of 5.5. The vulnerability can be exploited locally, with low privileges required and no user interaction necessary. It does not have an impact on integrity or confidentiality, but it poses a high risk to availability. The vulnerability occurs in the btrfs_get_root_ref function, which can lead to an assertion failure and crash when a subvolume is read out too soon after its root item is inserted upon subvolume creation. There are 325 known instances of this vulnerability being exploited, and it affects multiple products including Qtrc2o, ohMfk4, Qtrc2i, ohMfk3, ohMfk2, Qtrc2m, QtrdW7, ohMfku, Qtrc2_, and more. No remediation steps or further details on potential dangers to organizations are provided in the source information from [email protected].
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Advisories, Assessments, and Mitigations
Prioritize, Pinpoint, and Act to Prevent Vulnerability Exploits with Recorded Future
- Gain complete coverage of your cyber, third party, and physical attack surface
- Proactively mitigate threats before they turn into costly attacks
- Make fast, effective, data-driven decisions