CVE-2024-46840
CVSS 3.1 Score 5.5 of 10 (medium)
Details
Summary
CVE-2024-46840 affects the btrfs file system in the Linux kernel. The issue is how snapshot delete operations handle a reference count (refs) equal to zero. In the functions reada and walk_down_proc, the BUG_ON check for refs equal to zero is considered unkind because no lock is held on the extent leaf, so the check can potentially see an incorrect answer. To address this, these functions should return -EUCLEAN instead of calling BUG_ON. In the do_walk_down function, this case is already handled correctly, but the error code returned is -EIO, which should be changed to -EUCLEAN for consistency. Finally, in the walk_up_proc function, the BUG_ON check for refs equal to zero should also be converted to proper error handling, and the error message should be adjusted to provide more useful information.
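The change described above, modelled in user space as an added example (not kernel or btrfs source): a zero reference count is logged and returned as -EUCLEAN so the caller can stop the walk, instead of taking the whole process down. The struct, function names and sample data are hypothetical.

```c
/* User-space model only; every name here is hypothetical, not btrfs code. */
#include <errno.h>
#include <stdio.h>
#include <stdlib.h>
#ifndef EUCLEAN
#define EUCLEAN 117 /* Linux errno: "Structure needs cleaning" */
#endif

struct block { unsigned long long bytenr; unsigned long long refs; };

/* "Before" pattern: the analogue of BUG_ON(refs == 0). One inconsistent
 * lookup aborts everything. Kept for comparison, never called below. */
int check_refs_bug_on(const struct block *b)
{
    if (b->refs == 0)
        abort();
    return 0;
}

/* "After" pattern: say which block is inconsistent, then return -EUCLEAN. */
int check_refs(const struct block *b)
{
    if (b->refs == 0) {
        fprintf(stderr, "block %llu has 0 references\n", b->bytenr);
        return -EUCLEAN;
    }
    return 0;
}

/* Walk a path of blocks; stop at the first error and hand it to the caller. */
int walk_path(const struct block *path, int n, int *visited)
{
    *visited = 0;
    for (int i = 0; i < n; i++) {
        int ret = check_refs(&path[i]);
        if (ret < 0)
            return ret; /* propagate unchanged, do not remap to -EIO */
        (*visited)++;
    }
    return 0;
}

/* Constructed sample data: the second block of bad_path has refs == 0. */
static const struct block good_path[] = { {4096, 1}, {8192, 2}, {12288, 1} };
static const struct block bad_path[]  = { {4096, 1}, {8192, 0}, {12288, 1} };

int main(void)
{
    int seen, ret = walk_path(bad_path, 3, &seen);
    printf("ret=%d after %d good block(s)\n", ret, seen);
    return 0;
}
```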