CVE-2024-46753

Description

In the Linux kernel, the following vulnerability has been resolved: btrfs: handle errors from btrfs_dec_ref() properly In walk_up_proc() we BUG_ON(ret) from btrfs_dec_ref(). This is incorrect, we have proper error handling here, return the error.

CVSS Metrics

• v3.1•MEDIUM•Score: 5.5CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

EPSS Trends

Current EPSS score: 0.01%• Percentile: 1%

Techniques & Countermeasures

• CWE-617•Reachable Assertion

  The product contains an assert() or similar statement that can be triggered by an attacker, which leads to an application exit or other behavior that is more severe than necessary.

Affected Systems

• linux•linux

  ≥ 2c47e605a91dde6b0514f689645e7ab336c8592a, < 0e4840ae09f375381167000ce47424818fcbcc7c | ≥ 2c47e605a91dde6b0514f689645e7ab336c8592a, < 2c4fe45351e544da4b8f10c74b277117a4fa7869 | ≥ 2c47e605a91dde6b0514f689645e7ab336c8592a, < 9c8237021b53d52357c0de07a768582fafb2791d | ≥ 2c47e605a91dde6b0514f689645e7ab336c8592a, < 67e4ca7ddc67ef949326b4dc404a9678bbe67d72 | ≥ 2c47e605a91dde6b0514f689645e7ab336c8592a, < a7f16a7a709845855cb5a0e080a52bda5873f9de | ≥ 2c47e605a91dde6b0514f689645e7ab336c8592a, < 5eb178f373b4f16f3b42d55ff88fc94dd95b93b1 | 2.6.31

• linux•linux_kernel

  < 5.10.236 | ≥ 5.11, < 5.15.180 | ≥ 5.16, < 6.1.134 | ≥ 6.2, < 6.6.87 | ≥ 6.7, < 6.10.10

References (8)

• https://git.kernel.org/stable/c/0e4840ae09f375381167000ce47424818fcbcc7c
• https://git.kernel.org/stable/c/2c4fe45351e544da4b8f10c74b277117a4fa7869
• https://git.kernel.org/stable/c/9c8237021b53d52357c0de07a768582fafb2791d
• https://git.kernel.org/stable/c/67e4ca7ddc67ef949326b4dc404a9678bbe67d72
• https://git.kernel.org/stable/c/a7f16a7a709845855cb5a0e080a52bda5873f9de
• https://git.kernel.org/stable/c/5eb178f373b4f16f3b42d55ff88fc94dd95b93b1
• https://lists.debian.org/debian-lts-announce/2025/05/msg00045.html
• https://lists.debian.org/debian-lts-announce/2025/05/msg00030.html