CVE-2024-57806
📋 TL;DR
A race condition in the Linux kernel's Btrfs filesystem when enabling simple quotas can cause a kernel panic during mount. This affects systems using Btrfs with simple quotas enabled, potentially causing denial of service. The vulnerability requires local access to trigger.
💻 Affected Systems
- Linux kernel
📦 What is this software?
Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →⚠️ Risk & Real-World Impact
Worst Case
Kernel panic leading to system crash and denial of service, requiring physical or remote console access to reboot.
Likely Case
System crash during mount operations when simple quotas were previously enabled, requiring reboot.
If Mitigated
No impact if CONFIG_BTRFS_ASSERT is disabled (assertions are compiled out in production kernels).
🎯 Exploit Status
Reproducer script provided in CVE description. Requires local access and Btrfs mount permissions.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: Fixed in stable kernel trees via commits b87c9b9ba05ba6e8e2ee9ecd29a8c930b35648ed and f2363e6fcc7938c5f0f6ac066fad0dd247598b51
Vendor Advisory: https://git.kernel.org/stable/c/b87c9b9ba05ba6e8e2ee9ecd29a8c930b35648ed
Restart Required: Yes
Instructions:
1. Update Linux kernel to version containing the fix. 2. Reboot system to load new kernel.
🔧 Temporary Workarounds
Disable CONFIG_BTRFS_ASSERT
linuxCompile kernel without BTRFS assertions (production kernels typically have this disabled)
# Recompile kernel with CONFIG_BTRFS_ASSERT=n
Avoid simple quotas
linuxDo not enable simple quotas on Btrfs filesystems
# Do not run: btrfs quota enable -s /mount/point
🧯 If You Can't Patch
- Ensure production kernels are built without CONFIG_BTRFS_ASSERT enabled
- Avoid using simple quotas on Btrfs filesystems
🔍 How to Verify
Check if Vulnerable:
Check if kernel has CONFIG_BTRFS_ASSERT enabled: grep CONFIG_BTRFS_ASSERT /boot/config-$(uname -r)Check Version:
uname -rVerify Fix Applied:
Check kernel version is patched: uname -r and verify against vendor patch status📡 Detection & Monitoring
Log Indicators:
- Kernel panic messages containing 'assertion failed: btrfs_fs_incompat(fs_info, SIMPLE_QUOTA)'
- Btrfs mount failures after enabling simple quotas
Network Indicators:
- None - local filesystem issue
SIEM Query:
kernel:panic AND btrfs AND (SIMPLE_QUOTA OR qgroup)