CVE-2024-44963: 
Linux Kernel vulnerability analysis and mitigation

CVE-2024-44963 affects the Linux kernel's BTRFS filesystem implementation. The vulnerability was discovered in the btrfs_free_tree_block() function, where the code fails to properly handle error conditions when freeing a tree block, instead triggering a BUG_ON() assertion. This issue was identified and fixed in June 2024 (Kernel Git).

The vulnerability exists in the btrfs_free_tree_block() function where errors from creating delayed references are not properly handled. While the code comments suggested only -ENOMEM errors could occur, in reality when qgroups are enabled, other errors like -EUCLEAN or errors from btrfs_search_slot() could be propagated back. Instead of proper error handling, the code would trigger a BUG_ON() assertion, potentially causing system instability (Kernel Git). The vulnerability has been assigned a CVSS v3.1 Base Score of 5.5 MEDIUM with vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H (NVD).

The vulnerability could allow a local attacker to cause a denial of service condition through system crashes when certain error conditions occur during BTRFS filesystem operations. This is particularly concerning in systems where qgroups are enabled, as it expands the potential error conditions that could trigger the vulnerability (Kernel Git).

The issue has been fixed by modifying the btrfs_free_tree_block() function to properly handle error conditions instead of triggering BUG_ON(). The fix returns the error to callers and makes them abort the transaction to prevent space leakage. The patch is available in the Linux kernel version 6.10.5 and has been backported to other maintained kernel versions (NVD).