CVE-2024-46752 – This CVE addresses a kernel panic vulnerability... (How to Fix)

Q: What is the severity of CVE-2024-46752?

CVE-2024-46752 has a CVSS score of 5.5 (MEDIUM). This CVE addresses a kernel panic vulnerability in the Linux kernel's Btrfs filesystem. When handling relocation tree extent buffers without proper backref flags, the system could crash unexpectedly. This affects Linux systems using Btrfs filesystems with kernel versions containing the vulnerable code.

📋 TL;DR

This CVE addresses a kernel panic vulnerability in the Linux kernel's Btrfs filesystem. When handling relocation tree extent buffers without proper backref flags, the system could crash unexpectedly. This affects Linux systems using Btrfs filesystems with kernel versions containing the vulnerable code.

💻 Affected Systems

Products:

Linux kernel

Versions: Specific kernel versions containing vulnerable btrfs code (check git commits for exact ranges)

Operating Systems: Linux distributions using affected kernel versions

Default Config Vulnerable: ⚠️ Yes

Notes: Only affects systems using Btrfs filesystem. Requires Btrfs relocation operations to trigger.

📦 What is this software?

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

⚠️ Risk & Real-World Impact

🔴

Worst Case

System crash leading to denial of service, potential data corruption if crash occurs during critical filesystem operations.

🟠

Likely Case

System crash/panic when specific Btrfs relocation operations encounter malformed extent buffers, causing temporary unavailability.

🟢

If Mitigated

Transaction abort with error logging instead of crash, maintaining system stability with potential operation failure.

🌐 Internet-Facing: LOW - Requires local access or ability to trigger specific Btrfs operations.

🏢 Internal Only: MEDIUM - Local users or processes with Btrfs access could trigger the condition.

🎯 Exploit Status

Public PoC: ✅ No

Weaponized: NO

Unauthenticated Exploit: ✅ No

Complexity: HIGH

Requires specific conditions in Btrfs filesystem operations. More likely to be triggered accidentally than maliciously.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Kernel versions containing commits: 0fbac73a97286a7ec72229cb9b42d760a2c717ac, 41a0f85e268d72fe04f731b8ceea4748c2d65491, b50857b96429a09fd3beed9f7f21b7bb7c433688, b56329a782314fde5b61058e2a25097af7ccb675, f895db00c65e5d77c437cce946da9ec29dcdf563

Vendor Advisory: https://git.kernel.org/stable/c/0fbac73a97286a7ec72229cb9b42d760a2c717ac

Restart Required: Yes

Instructions:

1. Update Linux kernel to patched version. 2. Check distribution-specific security advisories. 3. Reboot system after kernel update.

🔧 Temporary Workarounds

Avoid Btrfs relocation operations

linux

Minimize Btrfs operations that trigger relocation tree updates

🧯 If You Can't Patch

Monitor system logs for Btrfs errors and kernel panics
Consider migrating critical data to alternative filesystems temporarily

🔍 How to Verify

Check if Vulnerable:

Check kernel version and verify if Btrfs module is loaded: lsmod | grep btrfs && uname -r

Check Version:

uname -r

Verify Fix Applied:

Verify kernel version includes the fix commits or check with distribution's security update verification tools

📡 Detection & Monitoring

Log Indicators:

Kernel panic messages
Btrfs error logs mentioning update_ref_for_cow
Transaction abort logs

SIEM Query:

source="kernel" AND ("panic" OR "BUG_ON" OR "btrfs" AND "error")

📊 Metadata

CVE ID: CVE-2024-46752

CVSS v3 Score: 5.5 (MEDIUM)

CVSS Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

CWE: CWE-404

Published: September 18, 2024

Last Updated: November 3, 2025

🔗 References

📤 Share & Export

📄 Export Markdown 📋 Export JSON

🔗 Related Vulnerabilities

If you're affected by CVE-2024-46752, you might also want to check these: