PT-2024-29751 · Linux+2 · Linux Kernel+2
Syzbot · Published 2024-07-02 · Updated 2024-12-12 · CVE-2024-42111
CVSS v3.1: 6.3 (Medium)
Vector: AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:H
Name of the Vulnerable Software and Affected Versions
Linux kernel versions prior to 6.10.0-rc2-syzkaller-00010-g2ab795141095
Description
A vulnerability in the Linux kernel has been resolved, related to the btrfs file system. The issue occurs when the `btrfs_qgroup_inherit` structure is passed to the `btrfs_qgroup_inherit` function while the qgroup is disabled, causing the basic checks like `num_ref_copies`/`num_excl_copies` and the structure size checks to be skipped. This can lead to a slab-out-of-bounds error when the qgroup is re-enabled and the `btrfs_qgroup_inherit` function is called with an incorrect structure.
The estimated number of potentially affected devices worldwide is not specified. There is no information about real-world incidents where this issue was exploited.
Technical details about exploitation include:
- The `btrfs_qgroup_inherit` function is vulnerable to a slab-out-of-bounds error.
- The `create_pending_snapshot`, `create_pending_snapshots`, `btrfs_commit_transaction`, `create_snapshot`, `btrfs_mksubvol`, `btrfs_mksnapshot`, `btrfs_ioctl_snap_create`, `btrfs_ioctl_snap_create_v2`, and `btrfs_ioctl` functions are involved in the call trace.
- The `btrfs_qgroup_check_inherit` function is modified to only skip the source qgroup checks, allowing for the rejection of invalid `btrfs_qgroup_inherit` structures.
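The check ordering described above, as an added example (a user-space model written for this page, not kernel code): structural validation runs regardless of quota state, and only the source qgroup lookup is skipped when quota is off. The struct layout, `check_inherit`, `run_case`, `source_qgroup_exists` and the qgroup id 256 are assumptions made for illustration.

```c
#include <errno.h>
#include <stdbool.h>
#include <stdint.h>
#include <stdlib.h>

/* Simplified model of the request (assumption: the real struct has more fields). */
struct inherit_model {
    uint64_t num_qgroups, num_ref_copies, num_excl_copies;
    uint64_t qgroups[];                 /* source qgroup ids */
};

/* Hypothetical lookup: in this model only qgroup id 256 exists. */
static bool source_qgroup_exists(uint64_t id) { return id == 256; }

/* Fixed ordering: structural checks always run; only the source
 * qgroup lookup depends on quota being enabled. */
int check_inherit(const struct inherit_model *in, size_t size, bool quota_on)
{
    if (size < sizeof(*in))
        return -EINVAL;
    size_t tail = size - sizeof(*in);
    if (in->num_ref_copies > 0 || in->num_excl_copies > 0)
        return -EINVAL;                 /* model: copy counts must be zero */
    /* Divide rather than multiply so a huge count cannot overflow. */
    if (tail % sizeof(uint64_t) || in->num_qgroups != tail / sizeof(uint64_t))
        return -EINVAL;
    if (!quota_on)
        return 0;                       /* skip only the source checks */
    for (uint64_t i = 0; i < in->num_qgroups; i++)
        if (!source_qgroup_exists(in->qgroups[i]))
            return -ENOENT;
    return 0;
}

/* Constructed request claiming `claimed` ids while the buffer holds `actual`.
 * fixed=false models the pre-fix ordering: quota off skips every check. */
int run_case(uint64_t claimed, size_t actual, bool quota_on, bool fixed)
{
    size_t size = sizeof(struct inherit_model) + actual * sizeof(uint64_t);
    struct inherit_model *in = calloc(1, size);
    if (!in)
        return -ENOMEM;
    in->num_qgroups = claimed;
    for (size_t i = 0; i < actual; i++)
        in->qgroups[i] = 256;
    int rc = (!fixed && !quota_on) ? 0 : check_inherit(in, size, quota_on);
    free(in);
    return rc;
}
```

With quota off, the pre-fix model accepts a request whose `num_qgroups` exceeds what the buffer holds, which is the structure that is later walked once quota is re-enabled; the fixed ordering rejects it up front.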
Recommendations
To resolve the issue, update the Linux kernel to a version that includes the fix for the `btrfs_qgroup_inherit` structure checks. Specifically, the `btrfs_qgroup_check_inherit` function should be modified to only skip the source qgroup checks, ensuring that invalid `btrfs_qgroup_inherit` structures are rejected.
At the moment, there is no information about a newer version that contains a fix for this vulnerability.
Exploit
Out of bounds Read
Weakness Enumeration
Related Identifiers
Affected Products
Linuxmint
Linux Kernel
Ubuntu