A flaw was found in btrfs_get_root_ref in fs/btrfs/disk-io.c in the btrfs filesystem in the Linux Kernel due to a double decrement of the reference count. This issue may allow a local attacker with user privilege to crash the system or may lead to leaked internal kernel information.
The product calls free() twice on the same memory address, potentially leading to modification of unexpected memory locations.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Linux_kernel | Linux | 5.7 (including) | 5.10.112 (excluding) |
Linux_kernel | Linux | 5.11 (including) | 5.15.35 (excluding) |
Linux_kernel | Linux | 5.16 (including) | 5.17.4 (excluding) |