Login Sign Up

CVE-2024-50088

7.8 HIGH
Denial of Service

📋 TL;DR

This CVE describes an uninitialized pointer vulnerability in the Linux kernel's btrfs filesystem add_inode_ref() function. If exploited, it could lead to kernel memory corruption, potentially causing system crashes or privilege escalation. Systems running affected Linux kernel versions with btrfs filesystems are vulnerable.

💻 Affected Systems

Products:
  • Linux kernel
Versions: Specific affected versions not explicitly stated in CVE description; check kernel commit references for exact ranges.
Operating Systems: Linux distributions using affected kernel versions
Default Config Vulnerable: ✅ No
Notes: Only affects systems using btrfs filesystem. Systems using ext4, xfs, or other filesystems are not vulnerable.

📦 What is this software?

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

⚠️ Risk & Real-World Impact

🔴

Worst Case

Kernel panic leading to denial of service, or potential privilege escalation to root if combined with other vulnerabilities.

🟠

Likely Case

System crash or kernel panic causing denial of service.

🟢

If Mitigated

Minimal impact if systems are patched or don't use btrfs filesystems.

🌐 Internet-Facing: LOW - Requires local access or ability to trigger specific btrfs operations.
🏢 Internal Only: MEDIUM - Local users or processes could potentially trigger the vulnerability.

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ✅ No
Complexity: HIGH

Exploitation requires triggering specific btrfs operations that cause read_one_inode() to return NULL, which may be difficult to achieve reliably.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Check kernel commit hashes: 12cf028381aa19bc38465341512c280256e8d82d, 66691c6e2f18d2aa4b22ffb624b9bdc97e9979e4, a941f3d5b1469c60a7e70e775584f110b47e0d16, e11ce03b58743bf1e096c48fcaa7e6f08eb75dfa

Vendor Advisory: https://lists.debian.org/debian-lts-announce/2025/01/msg00001.html

Restart Required: Yes

Instructions:

1. Update Linux kernel to patched version. 2. Check distribution-specific security advisories. 3. Reboot system after kernel update.

🔧 Temporary Workarounds

Disable btrfs filesystem

linux

Avoid using btrfs filesystem if not required

# Check if btrfs is in use: findmnt -t btrfs
# Consider migrating to alternative filesystem if possible

🧯 If You Can't Patch

  • Restrict local user access to systems with btrfs filesystems
  • Implement strict process controls to limit btrfs operations

🔍 How to Verify

Check if Vulnerable:

Check kernel version and if btrfs is in use: uname -r && findmnt -t btrfs

Check Version:

uname -r

Verify Fix Applied:

Verify kernel version is updated and check for presence of fix commits in kernel source

📡 Detection & Monitoring

Log Indicators:

  • Kernel panic logs
  • btrfs-related crash dumps
  • System instability after btrfs operations

Network Indicators:

  • None - local vulnerability only

SIEM Query:

Search for kernel panic events or btrfs-related system crashes

📊 Metadata

CVE ID: CVE-2024-50088
CVSS v3 Score: 7.8 (HIGH)
CVSS Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CWE: CWE-824
Published: October 29, 2024
Last Updated: November 3, 2025

🔗 References

📤 Share & Export

📄 Export Markdown 📋 Export JSON

🔗 Related Vulnerabilities

If you're affected by CVE-2024-50088, you might also want to check these:

CVE-2020-11138 9.8

This vulnerability allows attackers to exploit uninitialized pointers during music playback in Qualc...

Same vulnerability type (CWE-824)
CVE-2022-44451 9.8

This vulnerability allows arbitrary code execution through a use of uninitialized pointer in Open Ba...

Same vulnerability type (CWE-824)
CVE-2025-66588 9.8

An uninitialized pointer vulnerability in AzeoTech DAQFactory allows attackers to execute arbitrary ...

Same vulnerability type (CWE-824)