PT-2024-33712 · Linux+7 · Linux Kernel+7

Syzbot

·

Published

2024-10-01

·

Updated

2025-09-15

·

CVE-2024-49867

CVSS v3.1

5.5

Medium

VectorAV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 6.6.58
Description: A vulnerability in the Linux kernel has been resolved, related to the btrfs file system. The issue occurs during unmount, where a fixup worker can result in a crash when attempting to wake up the cleaner kthread after it has been stopped and its resources freed. This happens because the kernel does not wait for any fixup workers still running before stopping the cleaner kthread. The vulnerability can cause a slab-use-after-free error, as reported by Syzbot.
Recommendations: To resolve this issue, update the Linux kernel to version 6.6.58 or later. As a temporary workaround, consider disabling the btrfs file system or restricting its use until the update can be applied.

Exploit

Fix

Use After Free

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Weakness Enumeration

CWE-416

Related Identifiers

ALT-PU-2024-14046
ALT-PU-2024-14270
ALT-PU-2024-14503
ALT-PU-2024-15739
ALT-PU-2024-16172
AZL-51498
BDU:2025-03126
CVE-2024-49867
DLA-4008-1
DLA-4075-1
MGASA-2024-0344
MGASA-2024-0345
OESA-2024-2321
OESA-2024-2322
OESA-2024-2324
OESA-2024-2325
OPENSUSE-SU-2024:14500-1
OPENSUSE-SU-2024_3983-1
OPENSUSE-SU-2024_3984-1
OPENSUSE-SU-2024_3985-1
OPENSUSE-SU-2024_3986-1
OPENSUSE-SU-2024_4131-1
OPENSUSE-SU-2024_4140-1
OPENSUSE-SU-2025:14705-1
SUSE-SU-2024:3983-1
SUSE-SU-2024:3984-1
SUSE-SU-2024:3985-1
SUSE-SU-2024:3986-1
SUSE-SU-2024:4081-1
SUSE-SU-2024:4082-1
SUSE-SU-2024:4103-1
SUSE-SU-2024:4131-1
SUSE-SU-2024:4140-1
SUSE-SU-2024:4318-1
SUSE-SU-2024:4364-1
SUSE-SU-2024:4387-1
SUSE-SU-2025:03097-1
SUSE-SU-2025:03108-1
SUSE-SU-2025:03124-1
SUSE-SU-2025:03130-1
SUSE-SU-2025:03156-1
SUSE-SU-2025:03175-1
SUSE-SU-2025:03181-1
SUSE-SU-2025:03186-1
SUSE-SU-2025:03190-1
SUSE-SU-2025:03191-1
SUSE-SU-2025:03209-1
SUSE-SU-2025:03223-1
SUSE-SU-2025:03226-1
SUSE-SU-2025:0834-1
SUSE-SU-2025:20163-1
SUSE-SU-2025:20164-1
SUSE-SU-2025:20246-1
SUSE-SU-2025:20247-1
SUSE-SU-2025:20698-1
SUSE-SU-2025:20703-1
SUSE-SU-2025:20711-1
SUSE-SU-2025:20714-1
SUSE-SU-2025:20766-1
SUSE-SU-2025:20782-1
SUSE-SU-2025_0834-1
USN-7166-1
USN-7166-2
USN-7166-3
USN-7166-4
USN-7186-1
USN-7186-2
USN-7194-1
USN-7276-1
USN-7277-1
USN-7293-1
USN-7294-1
USN-7294-2
USN-7294-3
USN-7294-4
USN-7295-1
USN-7301-1
USN-7303-1
USN-7303-2
USN-7303-3
USN-7304-1
USN-7310-1
USN-7311-1
USN-7384-1
USN-7384-2
USN-7385-1
USN-7386-1
USN-7393-1
USN-7401-1
USN-7403-1
USN-7413-1
USN-7468-1
USN-7539-1
USN-7540-1

Affected Products

Alt Linux
Astra Linux
Debian
Linuxmint
Linux Kernel
Red Os
Suse
Ubuntu