CVE-2024-56759

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description A use-after-free issue has been resolved in the Linux kernel. The problem occurs when a tree block is being copied (COWed) and tracing is enabled, allowing for a potential use-after-free in the COWed extent buffer. This happens because the last reference to the extent buffer @buf is dropped when btrfs force cow block() calls free extent buffer stale(buf), scheduling its release with RCU. If preemption is enabled, the current task may be preempted before the tracepoint trace btrfs cow block() is called, resulting in the extent buffer being released, leading to a use-after-free. The fix involves moving the trace btrfs cow block() call from btrfs cow block() to btrfs force cow block() before the COWed extent buffer is freed.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.