CVE-2024-56758

CVSS 3.1 Score 5.5 of 10 (medium)

Details

Published Jan 6, 2025
Updated: Jan 7, 2025
CWE ID 476

Summary

CVE-2024-56758 is a vulnerability affecting the Linux kernel's btrfs file system. It arises when the system attempts to update a folio mapping after unlocking it, allowing another thread to modify the mapping before it is relocked. This can result in an invalid page and a kernel NULL pointer dereference, causing the system to crash. The issue occurs during concurrent folio relocation and transaction aborts, when the cleanup process fails to check whether the mapping is still valid before proceeding with setting it to NULL. This vulnerability was not introduced by the latest code change but rather brought to light by it.
