PT-2024-34059 · Linux+4 · Linux Kernel+4

Published

2024-10-09

·

Updated

2025-10-03

·

CVE-2024-50225

CVSS v3.1

5.5

Medium

VectorAV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 6.11.0-rc7-BTRFS-ZNS+
Description: The issue is related to the btrfs file system in the Linux kernel. Specifically, it concerns the error propagation of split bios. The function btrfs bbio propagate error() is intended to propagate an error of a split bio to its original btrfs bio and notify the upper layer. However, in certain cases, particularly when the end io is called quickly, the orig bbio's bio context may not be properly set, leading to a NULL pointer dereference. This can be reproduced by running btrfs/146 on zoned devices with the raid-stripe-tree feature. The error results in a kernel NULL pointer dereference.
Recommendations: To resolve the issue, update the Linux kernel to a version that includes the fix for the error propagation of split bios in the btrfs file system. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

NULL Pointer Dereference

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Weakness Enumeration

CWE-476

Related Identifiers

ALSA-2025_12746
ALSA-2025_12752
ALSA-2025_12753
ALSA-2025_16880
ALT-PU-2024-17211
ALT-PU-2025-12647
AZL-53153
BDU:2025-07906
CVE-2024-50225
OPENSUSE-SU-2024:14500-1
OPENSUSE-SU-2024_4314-1
OPENSUSE-SU-2024_4316-1
OPENSUSE-SU-2025:14705-1
SUSE-SU-2024:4314-1
SUSE-SU-2024:4316-1
SUSE-SU-2024:4318-1
SUSE-SU-2024:4387-1
SUSE-SU-2025:20163-1
SUSE-SU-2025:20164-1
SUSE-SU-2025:20246-1
SUSE-SU-2025:20247-1
USN-7276-1
USN-7277-1
USN-7310-1
USN-7449-1
USN-7449-2
USN-7450-1
USN-7451-1
USN-7452-1
USN-7453-1
USN-7468-1
USN-7523-1
USN-7524-1

Affected Products

Alt Linux
Linuxmint
Linux Kernel
Suse
Ubuntu