CVE-2024-50217
CVSS 3.1 Score 7.8 of 10 (high)
Details
Summary
CVE-2024-50217 is a use-after-free vulnerability affecting the Linux kernel's btrfs file system. Mounting two btrfs images with the same file system ID but different device UUIDs in a specific order can lead to a UAF on the variable 'device->bdev_file' within __btrfs_free_extra_devids(). This occurs because the memory freed when the first image is closed is reused when the second image is mounted, while the stale 'device->bdev_file' pointer still refers to it. The vulnerability can be exploited by accessing the freed memory, potentially leading to code execution or denial-of-service attacks. The issue is resolved by setting 'device->bdev_file' to NULL after closing the corresponding btrfs device in btrfs_close_one_device(), so that the later pass over devices skips the closed one instead of dereferencing a dangling pointer.
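The following C program is an added illustration of the bug class and the fix pattern described in the summary; it is not the kernel's btrfs code, and every name in it (the slot pool, struct fields, close_one_device_buggy, close_one_device_fixed, count_dangling, run_scenario) is constructed for the model. A small fixed-size pool stands in for the allocator: "mounting" image A hands out slot 0, closing A releases it, and "mounting" image B reuses the same slot. With the buggy close the first device still holds a pointer into that reused slot, which is the dangling reference a later pass over all devices would dereference; with the fixed close the pointer is NULL and the pass skips it.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Constructed model of device/file bookkeeping; not the kernel's btrfs structs. */
#define MAX_FILES   4

struct bdev_file {
    int  in_use;       /* 1 while some device holds this slot */
    int  owner_id;     /* id of the device that opened it, -1 when released */
    char uuid[16];     /* device UUID of the image backing this file */
};

struct btrfs_device {
    int  id;
    char uuid[16];
    struct bdev_file *bdev_file;   /* expected to be NULL once the device is closed */
};

/* Models allocator memory: released slots are handed out again on the next open. */
static struct bdev_file file_pool[MAX_FILES];

/* Models opening the block device file: returns the first free slot (reuse!). */
static struct bdev_file *open_bdev_file(int owner_id, const char *uuid)
{
    for (int i = 0; i < MAX_FILES; i++) {
        if (!file_pool[i].in_use) {
            file_pool[i].in_use = 1;
            file_pool[i].owner_id = owner_id;
            strncpy(file_pool[i].uuid, uuid, sizeof file_pool[i].uuid - 1);
            file_pool[i].uuid[sizeof file_pool[i].uuid - 1] = '\0';
            return &file_pool[i];
        }
    }
    return NULL;
}

/* Models freeing the file: the slot becomes reusable, its contents are stale. */
static void release_bdev_file(struct bdev_file *f)
{
    f->in_use = 0;
    f->owner_id = -1;
}

/* Buggy close: releases the file but leaves device->bdev_file dangling. */
static void close_one_device_buggy(struct btrfs_device *dev)
{
    if (dev->bdev_file)
        release_bdev_file(dev->bdev_file);
}

/* Fixed close: clears the pointer after release, which is the pattern the fix applies. */
static void close_one_device_fixed(struct btrfs_device *dev)
{
    if (dev->bdev_file) {
        release_bdev_file(dev->bdev_file);
        dev->bdev_file = NULL;
    }
}

/* Models a later pass over all devices that dereferences every non-NULL bdev_file.
   Returns how many devices point at storage they no longer own (freed or reused). */
static int count_dangling(const struct btrfs_device *devs, int n)
{
    int dangling = 0;
    for (int i = 0; i < n; i++) {
        const struct bdev_file *f = devs[i].bdev_file;
        if (f == NULL)
            continue;                       /* closed device: safely skipped */
        if (!f->in_use || f->owner_id != devs[i].id)
            dangling++;                     /* use-after-free in the real kernel */
    }
    return dangling;
}

/* Scenario from the summary: mount image A, close it, mount image B (same slot reused).
   Returns the number of dangling pointers the final pass would hit. */
static int run_scenario(void (*close_fn)(struct btrfs_device *))
{
    memset(file_pool, 0, sizeof file_pool);
    struct btrfs_device devs[2] = {
        { .id = 0, .uuid = "dev-uuid-A" },   /* constructed sample UUIDs */
        { .id = 1, .uuid = "dev-uuid-B" },
    };
    devs[0].bdev_file = open_bdev_file(0, devs[0].uuid);   /* mount A */
    close_fn(&devs[0]);                                    /* close A */
    devs[1].bdev_file = open_bdev_file(1, devs[1].uuid);   /* mount B: reuses A's slot */
    return count_dangling(devs, 2);
}

int main(void)
{
    printf("buggy close: %d dangling pointer(s)\n", run_scenario(close_one_device_buggy));
    printf("fixed close: %d dangling pointer(s)\n", run_scenario(close_one_device_fixed));
    return 0;
}
```

The model deliberately never touches genuinely freed memory, so it is safe to run; the point it makes is that a release routine which does not clear the owning pointer leaves every later "if (dev->bdev_file)" check unable to distinguish an open device from a closed one, and that clearing the pointer at the close site is what makes those checks meaningful.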
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Affected Products
- Linux Kernel
Affected Vendors
- LINUX