SB2024062575 - Resource management error in Linux kernel btrfs
Published: June 25, 2024 Updated: May 13, 2025
Security Bulletin ID
SB2024062575
Severity
Low
Patch available
YES
Number of vulnerabilities
1
Exploitation vector
Local access
Highest impact
Denial of service
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 1 security vulnerability.
1) Resource management error (CVE-ID: CVE-2021-47433)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the btrfs_replace_file_extents() function in fs/btrfs/file.c. A local user can perform a denial of service (DoS) attack.
Remediation
Install update from vendor's website.
References
- https://git.kernel.org/stable/c/0e32a2b85c7d92ece86c17dfef390c5ed79c6378
- https://git.kernel.org/stable/c/0e309e1152fc34ef75991d9d69b165dbf75bf26c
- https://git.kernel.org/stable/c/4afb912f439c4bc4e6a4f3e7547f2e69e354108f
- https://mirrors.edge.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.75
- https://mirrors.edge.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.14.14
- https://mirrors.edge.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.15