CVE-2024-43885

CVSS 3.1 Score 5.5 of 10 (medium)

Details

Published Aug 26, 2024
Updated: Aug 27, 2024
CWE ID 667

Summary

CVE-2024-43885 is a vulnerability in the Linux kernel's Btrfs file system in which improper inode unlocking can occur during direct I/O sync writes. The flaw affects systems that use Btrfs and can lead to a high availability impact, though it does not affect data integrity or confidentiality. To remediate the issue, users should apply the relevant patches provided through official Linux kernel updates, as referenced in multiple patch links. The vulnerability is rated medium severity with an exploitability score of 1.8; it is exploitable locally, requires low privileges, and needs no user interaction. Organizations should prioritize remediation to mitigate potential disruptions caused by this vulnerability.
