CVE-2024-50217
btrfs: fix use-after-free of block device file in __btrfs_free_extra_devids()
References
Notes
carnil> Introduced in 142388194191 ("btrfs: do not background blkdev_put()").
carnil> Vulnerable versions: 4.8-rc4.
Bugs
Status
| Branch |
Status |
| upstream |
released (6.12-rc6) [aec8e6bf839101784f3ef037dcdb9432c3f32343]
|
| 6.18-upstream-stable |
N/A "Fixed before branching point"
|
| 6.17-upstream-stable |
N/A "Fixed before branching point"
|
| 6.12-upstream-stable |
N/A "Fixed before branching point"
|
| 6.11-upstream-stable |
released (6.11.7) [47a83f8df39545f3f552bb6a1b6d9c30e37621dd]
|
| 6.6-upstream-stable |
needed
|
| 6.1-upstream-stable |
needed
|
| 5.10-upstream-stable |
needed
|
| sid |
released (6.11.7-1)
|
| 6.12-trixie-security |
N/A "Fixed before branching point"
|
| 6.1-bookworm-security |
needed
|
| 5.10-bullseye-security |
needed
|
