5.5

CVE-2024-35936

btrfs: handle chunk tree lookup error in btrfs_relocate_sys_chunks()

In the Linux kernel, the following vulnerability has been resolved:

btrfs: handle chunk tree lookup error in btrfs_relocate_sys_chunks()

The unhandled case in btrfs_relocate_sys_chunks() loop is a corruption,
as it could be caused only by two impossible conditions:

- at first the search key is set up to look for a chunk tree item, with
  offset -1, this is an inexact search and the key->offset will contain
  the correct offset upon a successful search, a valid chunk tree item
  cannot have an offset -1

- after first successful search, the found_key corresponds to a chunk
  item, the offset is decremented by 1 before the next loop, it's
  impossible to find a chunk item there due to alignment and size
  constraints
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
LinuxLinux Kernel Version < 4.19.312
LinuxLinux Kernel Version >= 4.20 < 5.4.274
LinuxLinux Kernel Version >= 5.5 < 5.10.215
LinuxLinux Kernel Version >= 5.11 < 5.15.155
LinuxLinux Kernel Version >= 5.16 < 6.1.86
LinuxLinux Kernel Version >= 6.2 < 6.6.27
LinuxLinux Kernel Version >= 6.7 < 6.8.6
DebianDebian Linux Version10.0
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. Login Login
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.23% 0.135
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 5.5 1.8 3.6
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Es wurden noch keine Informationen zu CWE veröffentlicht.
https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html
Third Party Advisory
Mailing List
https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html
Third Party Advisory
Mailing List
https://git.kernel.org/stable/c/0d23b34c68c46cd225b55868bc8a269e3134816d
Patch
https://git.kernel.org/stable/c/1f9212cdbd005bc55f2b7422e7b560d9c02bd1da
Patch
https://git.kernel.org/stable/c/36c2a2863bc3896243eb724dc3fd4cf9aea633f2
Patch
https://git.kernel.org/stable/c/576164bd01bd795f8b09fb194b493103506b33c9
Patch
https://git.kernel.org/stable/c/7411055db5ce64f836aaffd422396af0075fdc99
Patch
https://git.kernel.org/stable/c/87299cdaae757f3f41212146cfb5b3af416b8385
Patch
https://git.kernel.org/stable/c/bebd9e0ff90034875c5dfe4bd514fd7055fc7a89
Patch
https://git.kernel.org/stable/c/d1ffa4ae2d591fdd40471074e79954ec45f147f7
Patch
https://cert-portal.siemens.com/productcert/html/ssa-265688.html