{"dataType":"CVE_RECORD","dataVersion":"5.2","cveMetadata":{"cveId":"CVE-2024-46840","assignerOrgId":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","state":"PUBLISHED","assignerShortName":"Linux","dateReserved":"2024-09-11T15:12:18.288Z","datePublished":"2024-09-27T12:39:34.998Z","dateUpdated":"2026-01-05T10:53:35.228Z"},"containers":{"cna":{"providerMetadata":{"orgId":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","shortName":"Linux","dateUpdated":"2026-01-05T10:53:35.228Z"},"descriptions":[{"lang":"en","value":"In the Linux kernel, the following vulnerability has been resolved:\n\nbtrfs: clean up our handling of refs == 0 in snapshot delete\n\nIn reada we BUG_ON(refs == 0), which could be unkind since we aren't\nholding a lock on the extent leaf and thus could get a transient\nincorrect answer.  In walk_down_proc we also BUG_ON(refs == 0), which\ncould happen if we have extent tree corruption.  Change that to return\n-EUCLEAN.  In do_walk_down() we catch this case and handle it correctly,\nhowever we return -EIO, which -EUCLEAN is a more appropriate error code.\nFinally in walk_up_proc we have the same BUG_ON(refs == 0), so convert\nthat to proper error handling.  Also adjust the error message so we can\nactually do something with the information."}],"affected":[{"product":"Linux","vendor":"Linux","defaultStatus":"unaffected","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","programFiles":["fs/btrfs/extent-tree.c"],"versions":[{"version":"2c47e605a91dde6b0514f689645e7ab336c8592a","lessThan":"c847b28a799733b04574060ab9d00f215970627d","status":"affected","versionType":"git"},{"version":"2c47e605a91dde6b0514f689645e7ab336c8592a","lessThan":"71291aa7246645ef622621934d2067400380645e","status":"affected","versionType":"git"},{"version":"2c47e605a91dde6b0514f689645e7ab336c8592a","lessThan":"c60676b81fab456b672796830f6d8057058f029c","status":"affected","versionType":"git"},{"version":"2c47e605a91dde6b0514f689645e7ab336c8592a","lessThan":"728d4d045b628e006b48a448f3326a7194c88d32","status":"affected","versionType":"git"},{"version":"2c47e605a91dde6b0514f689645e7ab336c8592a","lessThan":"9cc887ac24b7a0598f4042ae9af6b9a33072f75b","status":"affected","versionType":"git"},{"version":"2c47e605a91dde6b0514f689645e7ab336c8592a","lessThan":"7d1df13bf078ffebfedd361d714ff6cee1ff01b9","status":"affected","versionType":"git"},{"version":"2c47e605a91dde6b0514f689645e7ab336c8592a","lessThan":"03804641ec2d0da4fa088ad21c88e703d151ce16","status":"affected","versionType":"git"},{"version":"2c47e605a91dde6b0514f689645e7ab336c8592a","lessThan":"b8ccef048354074a548f108e51d0557d6adfd3a3","status":"affected","versionType":"git"}]},{"product":"Linux","vendor":"Linux","defaultStatus":"affected","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","programFiles":["fs/btrfs/extent-tree.c"],"versions":[{"version":"2.6.31","status":"affected"},{"version":"0","lessThan":"2.6.31","status":"unaffected","versionType":"semver"},{"version":"4.19.322","lessThanOrEqual":"4.19.*","status":"unaffected","versionType":"semver"},{"version":"5.4.284","lessThanOrEqual":"5.4.*","status":"unaffected","versionType":"semver"},{"version":"5.10.226","lessThanOrEqual":"5.10.*","status":"unaffected","versionType":"semver"},{"version":"5.15.167","lessThanOrEqual":"5.15.*","status":"unaffected","versionType":"semver"},{"version":"6.1.110","lessThanOrEqual":"6.1.*","status":"unaffected","versionType":"semver"},{"version":"6.6.51","lessThanOrEqual":"6.6.*","status":"unaffected","versionType":"semver"},{"version":"6.10.10","lessThanOrEqual":"6.10.*","status":"unaffected","versionType":"semver"},{"version":"6.11","lessThanOrEqual":"*","status":"unaffected","versionType":"original_commit_for_fix"}]}],"cpeApplicability":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"2.6.31","versionEndExcluding":"4.19.322"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"2.6.31","versionEndExcluding":"5.4.284"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"2.6.31","versionEndExcluding":"5.10.226"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"2.6.31","versionEndExcluding":"5.15.167"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"2.6.31","versionEndExcluding":"6.1.110"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"2.6.31","versionEndExcluding":"6.6.51"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"2.6.31","versionEndExcluding":"6.10.10"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"2.6.31","versionEndExcluding":"6.11"}]}]}],"references":[{"url":"https://git.kernel.org/stable/c/c847b28a799733b04574060ab9d00f215970627d"},{"url":"https://git.kernel.org/stable/c/71291aa7246645ef622621934d2067400380645e"},{"url":"https://git.kernel.org/stable/c/c60676b81fab456b672796830f6d8057058f029c"},{"url":"https://git.kernel.org/stable/c/728d4d045b628e006b48a448f3326a7194c88d32"},{"url":"https://git.kernel.org/stable/c/9cc887ac24b7a0598f4042ae9af6b9a33072f75b"},{"url":"https://git.kernel.org/stable/c/7d1df13bf078ffebfedd361d714ff6cee1ff01b9"},{"url":"https://git.kernel.org/stable/c/03804641ec2d0da4fa088ad21c88e703d151ce16"},{"url":"https://git.kernel.org/stable/c/b8ccef048354074a548f108e51d0557d6adfd3a3"}],"title":"btrfs: clean up our handling of refs == 0 in snapshot delete","x_generator":{"engine":"bippy-1.2.0"}},"adp":[{"metrics":[{"other":{"type":"ssvc","content":{"timestamp":"2024-09-29T13:59:36.735049Z","id":"CVE-2024-46840","options":[{"Exploitation":"none"},{"Automatable":"no"},{"Technical Impact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}}],"title":"CISA ADP Vulnrichment","providerMetadata":{"orgId":"134c704f-9b21-4f2e-91b3-4a467353bcc0","shortName":"CISA-ADP","dateUpdated":"2024-09-29T13:59:41.445Z"}},{"title":"CVE Program Container","references":[{"url":"https://lists.debian.org/debian-lts-announce/2025/01/msg00001.html"},{"url":"https://lists.debian.org/debian-lts-announce/2024/10/msg00003.html"}],"providerMetadata":{"orgId":"af854a3a-2127-422b-91ae-364da2661108","shortName":"CVE","dateUpdated":"2025-11-03T22:19:28.536Z"}}]}}