CVE ID : CVE-2024-56774

Published : Jan. 8, 2025, 6:15 p.m. | 1 hour ago

Description : In the Linux kernel, the following vulnerability has been resolved:

btrfs: add a sanity check for btrfs root in btrfs_search_slot()

Syzbot reports a null-ptr-deref in btrfs_search_slot().

The reproducer is using rescue=ibadroots, and the extent tree root is
corrupted thus the extent tree is NULL.

When scrub tries to search the extent tree to gather the needed extent
info, btrfs_search_slot() doesn’t check if the target root is NULL or
not, resulting the null-ptr-deref.

Add sanity check for btrfs root before using it in btrfs_search_slot().

Severity: 0.0 | NA

Visit the link for more details, such as CVSS details, affected products, timeline, and more…