In the Linux kernel, the following vulnerability has been resolved:
btrfs: add a sanity check for btrfs root in btrfs_search_slot()
Syzbot reports a null-ptr-deref in btrfs_search_slot().
The reproducer is using rescue=ibadroots, and the extent tree root is
corrupted thus the extent tree is NULL.
When scrub tries to search the extent tree to gather the needed extent
info, btrfs_search_slot() doesn't check if the target root is NULL or
not, resulting the null-ptr-deref.
Add sanity check for btrfs root before using it in btrfs_search_slot().
CVE ID: CVE-2024-56774
Vendor: Linux
Product: Linux
EPSS Score: 0.04% (probability of being exploited)
EPSS Percentile: 5.07% (scored less or equal to compared to others)
EPSS Date: 2025-02-06 (when was this score calculated)