{"uuid": "d7d09ae1-ae13-4385-b235-22453056139c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-56774", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/778", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-56774\n\ud83d\udd39 Description: In the Linux kernel, the following vulnerability has been resolved:\n\nbtrfs: add a sanity check for btrfs root in btrfs_search_slot()\n\nSyzbot reports a null-ptr-deref in btrfs_search_slot().\n\nThe reproducer is using rescue=ibadroots, and the extent tree root is\ncorrupted thus the extent tree is NULL.\n\nWhen scrub tries to search the extent tree to gather the needed extent\ninfo, btrfs_search_slot() doesn't check if the target root is NULL or\nnot, resulting the null-ptr-deref.\n\nAdd sanity check for btrfs root before using it in btrfs_search_slot().\n\ud83d\udccf Published: 2025-01-08T17:49:13.121Z\n\ud83d\udccf Modified: 2025-01-08T17:49:13.121Z\n\ud83d\udd17 References:\n1. https://git.kernel.org/stable/c/c71d114ef68c95da5a82ec85a721ab31f5bd905b\n2. https://git.kernel.org/stable/c/db66fb87c21e8ae724886e6a464dcbac562a64c6\n3. https://git.kernel.org/stable/c/757171d1369b3b47f36932d40a05a0715496dcab\n4. https://git.kernel.org/stable/c/93992c3d9629b02dccf6849238559d5c24f2dece\n5. https://git.kernel.org/stable/c/3ed51857a50f530ac7a1482e069dfbd1298558d4", "creation_timestamp": "2025-01-08T18:22:41.000000Z"}