Race Condition in Block Storage Management of Linux Kernel
CVE-2024-58089

5.5MEDIUM

Key Information:

Vendor: Linux
Status: Linux
Vendor: CVE Published:; 12 March 2025

What is CVE-2024-58089?

A vulnerability in the Linux kernel's btrfs module has been identified, where a race condition can cause system crashes when using a block size smaller than the page size on aarch64 architectures. This results in a series of critical error messages indicating failures in handling ordered extents, leading to potential kernel panics and system instability. Properly addressing this issue is crucial for maintaining the reliability of systems relying on the btrfs file system.

Affected Version(s)

Linux d1051d6ebf8ef3517a5a3cf82bba8436d190f1c2 < 21333148b5c9e52f41fafcedec3810b56a5e0e40

Linux d1051d6ebf8ef3517a5a3cf82bba8436d190f1c2 < 0283ee1912c8e243c931f4ee5b3672e954fe0384

Linux d1051d6ebf8ef3517a5a3cf82bba8436d190f1c2 < 72dad8e377afa50435940adfb697e070d3556670

References

https://git.kernel.org/stable/c/21333148b5c9e52f41fafcede...

https://git.kernel.org/stable/c/0283ee1912c8e243c931f4ee5...

https://git.kernel.org/stable/c/72dad8e377afa50435940adfb...

CVSS V3.1

Score:

5.5

Severity:

MEDIUM

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Mar 12, 2025
Vulnerability Reserved
Mar 6, 2025