Description

In the Linux kernel, the following vulnerability has been resolved: btrfs: fix extent map use-after-free when adding pages to compressed bio At add_ra_bio_pages() we are accessing the extent map to calculate 'add_size' after we dropped our reference on the extent map, resulting in a use-after-free. Fix this by computing 'add_size' before dropping our extent map reference.

INFO

Published Date :

2024-08-17T09:09:23.047Z

Last Modified :

2025-11-03T22:04:34.301Z

Source :

Linux
AFFECTED PRODUCTS

The following products are affected by CVE-2024-42314 vulnerability.

Vendors Products
Debian
  • Debian Linux
Linux
  • Linux Kernel
REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2024-42314.

URL Resource
https://git.kernel.org/stable/c/8e7860543a94784d744c7ce34b78a2e11beefa5c cve-icon cve-icon
https://git.kernel.org/stable/c/b7859ff398b6b656e1689daa860eb34837b4bb89 cve-icon cve-icon
https://git.kernel.org/stable/c/c1cc3326e27b0bd7a2806b40bc48e49afaf951e7 cve-icon cve-icon
https://git.kernel.org/stable/c/c205565e0f2f439f278a4a94ee97b67ef7b56ae8 cve-icon cve-icon
https://lists.debian.org/debian-lts-announce/2025/01/msg00001.html cve-icon
https://lore.kernel.org/linux-cve-announce/2024081752-CVE-2024-42314-de1f@gregkh/T cve-icon
https://nvd.nist.gov/vuln/detail/CVE-2024-42314 cve-icon
https://www.cve.org/CVERecord?id=CVE-2024-42314 cve-icon
Login to claim this CVE

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality Impact
Integrity Impact
Availability Impact