PT-2024-8011 · Linux+5 · Linux Kernel+5

David Sterba

·

Published

2024-08-27

·

Updated

2025-09-29

·

CVE-2024-46687

CVSS v3.1

7.8

High

VectorAV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 6.6.48/6.10.7
Description A use-after-free vulnerability has been identified in the Linux kernel's btrfs file system, specifically in the btrfs submit chunk() function. This vulnerability can be triggered when the kernel encounters an error while processing a read bio, leading to a double-freeing of memory and potentially causing a use-after-free condition. The vulnerability is caused by the btrfs bio end io() function calling the original endio function, which frees the whole bio, and then later calling the original endio function again, causing a double freeing.
Recommendations To resolve this issue, update the Linux kernel to a version that includes the fix for this vulnerability, which is versions 6.6.48/6.10.7 or later. As a temporary workaround, consider disabling the btrfs submit chunk() function until a patch is available. However, this workaround may have significant performance implications and should be used with caution.

Exploit

Fix

Use After Free

Double Free

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Weakness Enumeration

CWE-416CWE-415

Related Identifiers

ALSA-2025_16880
ALT-PU-2024-12968
ALT-PU-2024-13260
ALT-PU-2024-13979
AZL-49291
BDU:2024-09529
CVE-2024-46687
OESA-2024-2181
OPENSUSE-SU-2024_3551-1
OPENSUSE-SU-2024_3561-1
OPENSUSE-SU-2024_3564-1
SUSE-SU-2024:3551-1
SUSE-SU-2024:3553-1
SUSE-SU-2024:3561-1
SUSE-SU-2024:3564-1
SUSE-SU-2025:20073-1
SUSE-SU-2025:20077-1
USN-7154-1
USN-7154-2
USN-7155-1
USN-7156-1
USN-7196-1

Affected Products

Alt Linux
Linuxmint
Linux Kernel
Red Os
Suse
Ubuntu