Bug 2260044 (CVE-2024-23850) - CVE-2024-23850 kernel: btrfs_get_root_ref has an assertion failure and crash because a subvolume can be read out too soon after its root item is inserted upon subvolume creation
Summary: CVE-2024-23850 kernel: btrfs_get_root_ref has an assertion failure and crash ...
Keywords:
Status: NEW
Alias: CVE-2024-23850
Product: Security Response
Classification: Other
Component: vulnerability
Version: unspecified
Hardware: All
OS: Linux
medium
medium
Target Milestone: ---
Assignee: Product Security
QA Contact:
URL:
Whiteboard:
Depends On: 2260045
Blocks: 2260037
TreeView+ depends on / blocked
 
Reported: 2024-01-24 08:21 UTC by Rohit Keshri
Modified: 2024-05-01 12:10 UTC (History)
45 users (show)

Fixed In Version:
Clone Of:
Environment:
Last Closed:
Embargoed:

Attachments (Terms of Use)

Description Rohit Keshri 2024-01-24 08:21:44 UTC 
In btrfs_get_root_ref in fs/btrfs/disk-io.c in the Linux kernel through 6.7.1, there can be an assertion failure and crash because a subvolume can be read out too soon after its root item is inserted upon subvolume creation.

https://lore.kernel.org/all/6a80cb4b32af89787dadee728310e5e2ca85343f.1705741883.git.wqu%40suse.com/
https://lore.kernel.org/lkml/CALGdzuo6awWdau3X=8XK547x2vX_-VoFmH1aPsqosRTQ5WzJVA%40mail.gmail.com/
Comment 1 Rohit Keshri 2024-01-24 08:24:25 UTC 
Created kernel tracking bugs for this issue:

Affects: fedora-all [bug 2260045]
Note You need to log in before you can comment on or make changes to this bug.