CVE-2024-46753

EPSS 0.05%
Published 18.09.2024 08:15:04
Last modified 03.11.2025 20:16:31
Source 416baaa9-dc9f-4396-8d5f-8c081f
CVE-Watchlists
Login
Open
Login

In the Linux kernel, the following vulnerability has been resolved:

btrfs: handle errors from btrfs_dec_ref() properly

In walk_up_proc() we BUG_ON(ret) from btrfs_dec_ref().  This is
incorrect, we have proper error handling here, return the error.

Affected products Warnungen 0 Metrics 2 CWE 1 References 11

Verknüpft mit AI von unstrukturierten Daten zu bestehenden CPE der NVD

This information is available to logged-in users.

Data is provided by the National Vulnerability Database (NVD)

Linux ≫ Linux Kernel Version < 5.10.236

Linux ≫ Linux Kernel Version >= 5.11 < 5.15.180

Linux ≫ Linux Kernel Version >= 5.16 < 6.1.134

Linux ≫ Linux Kernel Version >= 6.2 < 6.6.87

Linux ≫ Linux Kernel Version >= 6.7 < 6.10.10

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	0.05%	0.145

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	5.5	1.8	3.6	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

CWE-617 Reachable Assertion

The product contains an assert() or similar statement that can be triggered by an attacker, which leads to an application exit or other behavior that is more severe than necessary.

https://git.kernel.org/stable/c/5eb178f373b4f16f3b42d55ff88fc94dd95b93b1

Patch

https://git.kernel.org/stable/c/a7f16a7a709845855cb5a0e080a52bda5873f9de

Patch

https://git.kernel.org/stable/c/0e4840ae09f375381167000ce47424818fcbcc7c

Patch

https://git.kernel.org/stable/c/2c4fe45351e544da4b8f10c74b277117a4fa7869

Patch

https://git.kernel.org/stable/c/67e4ca7ddc67ef949326b4dc404a9678bbe67d72

Patch

https://git.kernel.org/stable/c/9c8237021b53d52357c0de07a768582fafb2791d

Patch