CVE-2024-56758
CVSS 3.1 Score 5.5 of 10 (medium)
Details
Summary
CVE-2024-56758 is a vulnerability affecting the Linux kernel's btrfs file system. It arises when the system attempts to update a folio mapping after unlocking it, allowing another thread to modify the mapping before it is relocked. This can result in an invalid page and a kernel NULL pointer dereference, causing the system to crash. The issue occurs during concurrent folio relocation and transaction aborts, when the cleanup process fails to check if mapping is still valid before proceeding with setting it to NULL. This vulnerability was not introduced by the latest code change but rather brought to light by it.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Affected Products
- Linux Kernel
Affected Vendors
- LINUX