PT-2024-36888 · Linux+6 · Linux Kernel+6

Syzbot · Published 2024-11-29 · Updated 2026-04-13 · CVE-2024-56581

CVSS v3.1: 7.8 (High)

Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions

Linux kernel (affected versions not specified)

Description

A use-after-free vulnerability has been identified in the Linux kernel, specifically in the btrfs file system. The issue occurs when an unexpected action of BTRFS_DROP_DELAYED_REF is encountered after a new reference entry has been successfully inserted into the block entry's rbtree. The reference entry is then freed without being removed from the rbtree, so the tree keeps a pointer to freed memory and a use-after-free occurs when the block entry is accessed later. The vulnerability is triggered by calling btrfs_free_ref_cache(), which iterates over all block entries and calls free_block_entry() for each one. Syzbot has reported this issue with several stack traces.

Recommendations

At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Use After Free

Double Free

Weakness Enumeration

Related Identifiers

ALT-PU-2024-17893
ALT-PU-2025-12647
AZL-55524
AZL-55617
BDU:2025-03594
CVE-2024-56581
DLA-4075-1
DLA-4076-1
LSN-0119-1
OESA-2025-1032
OESA-2025-1033
OESA-2025-1035
OESA-2025-1036
OESA-2025-1037
USN-7379-1
USN-7379-2
USN-7380-1
USN-7381-1
USN-7382-1
USN-7387-1
USN-7387-2
USN-7387-3
USN-7388-1
USN-7389-1
USN-7390-1
USN-7391-1
USN-7392-1
USN-7392-2
USN-7392-3
USN-7392-4
USN-7393-1
USN-7401-1
USN-7407-1
USN-7413-1
USN-7421-1
USN-7449-1
USN-7449-2
USN-7450-1
USN-7451-1
USN-7452-1
USN-7453-1
USN-7458-1
USN-7459-1
USN-7459-2
USN-7463-1
USN-7468-1
USN-7523-1
USN-7524-1
USN-7539-1
USN-7540-1
USN-8112-1
USN-8112-2
USN-8112-3
USN-8112-4
USN-8112-5

Affected Products

Alt Linux
Astra Linux
Debian
Linux Mint
Linux Kernel
RED OS
Ubuntu