CVE-2024-44972

CVSS v3.1

5.5

Medium

Vector

AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description A vulnerability in the Linux kernel has been resolved, specifically in the btrfs filesystem. The issue occurs when using subpage and zoned cases, which can lead to a data leak at unmount time. The vulnerability can be triggered by a specific workload, including commands such as mkfs.btrfs, mount, fsstress, and umount. The dmesg includes warnings related to rsv leak detection and btrfs destroy inode. The vulnerability is caused by not clearing the page dirty flag inside the extent write locked range function.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Missing Release of Resource after Effective Lifetime

Memory Leak

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-772CWE-401

Related Identifiers

ALSA-2025_16880

ALT-PU-2024-13979

ALT-PU-2024-14046

BDU:2025-03539

CVE-2024-44972

ECHO-AD0E-517C-B858

MGASA-2024-0309

MGASA-2024-0310

OESA-2025-1097

OPENSUSE-SU-2024_3592-1

SUSE-SU-2024:3553-1

SUSE-SU-2024:3566-1

SUSE-SU-2024:3569-1

SUSE-SU-2024:3592-1

USN-7154-1

USN-7154-2

USN-7155-1

USN-7156-1

USN-7196-1

Affected Products

Alt Linux

Debian

Linuxmint

Linux Kernel

Suse

Ubuntu

CVE-2024-44972

Weakness Enumeration

Related Identifiers

Affected Products

References · 1278