CVE-2024-46840

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description The issue is related to the handling of refs == 0 in snapshot delete in the btrfs file system. In the reada function, a BUG ON(refs == 0) check could return a transient incorrect answer because it is not holding a lock on the extent leaf. Similarly, in walk down proc, the same check could happen due to extent tree corruption, and it has been changed to return -EUCLEAN. The do walk down() function correctly handles this case but returns -EIO, which is less appropriate than -EUCLEAN. The walk up proc function also had the same BUG ON(refs == 0) check and has been converted to proper error handling. The error message has been adjusted to provide more useful information.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.