CVE-2024-35936

MEDIUMNVD 5.55.5—

5.5

In the Linux kernel, the following vulnerability has been resolved:

btrfs: handle chunk tree lookup error in btrfs_relocate_sys_chunks()

The unhandled case in btrfs_relocate_sys_chunks() loop is a corruption, as it could be caused only by two impossible conditions:

at first the search key is set up to look for a chunk tree item, with

offset -1, this is an inexact search and the key->offset will contain the correct offset upon a successful search, a valid chunk tree item cannot have an offset -1

after first successful search, the found_key corresponds to a chunk

item, the offset is decremented by 1 before the next loop, it's impossible to find a chunk item there due to alignment and size constraints

CVSS v3: 5.5
EG Score: 5.5(medium)
EPSS: 13.6%
KEV: Not listed

Published

May 19, 2024

Last Modified

May 12, 2026

References (19)

416baaa9-dc9f-4396-8d5f-8c081fb06d67https://git.kernel.org/stable/c/0d23b34c68c46cd225b55868bc8a269e3134816d
416baaa9-dc9f-4396-8d5f-8c081fb06d67https://git.kernel.org/stable/c/1f9212cdbd005bc55f2b7422e7b560d9c02bd1da
416baaa9-dc9f-4396-8d5f-8c081fb06d67https://git.kernel.org/stable/c/36c2a2863bc3896243eb724dc3fd4cf9aea633f2
416baaa9-dc9f-4396-8d5f-8c081fb06d67https://git.kernel.org/stable/c/576164bd01bd795f8b09fb194b493103506b33c9
416baaa9-dc9f-4396-8d5f-8c081fb06d67https://git.kernel.org/stable/c/7411055db5ce64f836aaffd422396af0075fdc99
416baaa9-dc9f-4396-8d5f-8c081fb06d67https://git.kernel.org/stable/c/87299cdaae757f3f41212146cfb5b3af416b8385
416baaa9-dc9f-4396-8d5f-8c081fb06d67https://git.kernel.org/stable/c/bebd9e0ff90034875c5dfe4bd514fd7055fc7a89
416baaa9-dc9f-4396-8d5f-8c081fb06d67https://git.kernel.org/stable/c/d1ffa4ae2d591fdd40471074e79954ec45f147f7
af854a3a-2127-422b-91ae-364da2661108https://git.kernel.org/stable/c/0d23b34c68c46cd225b55868bc8a269e3134816d
af854a3a-2127-422b-91ae-364da2661108https://git.kernel.org/stable/c/1f9212cdbd005bc55f2b7422e7b560d9c02bd1da
af854a3a-2127-422b-91ae-364da2661108https://git.kernel.org/stable/c/36c2a2863bc3896243eb724dc3fd4cf9aea633f2
af854a3a-2127-422b-91ae-364da2661108https://git.kernel.org/stable/c/576164bd01bd795f8b09fb194b493103506b33c9
af854a3a-2127-422b-91ae-364da2661108https://git.kernel.org/stable/c/7411055db5ce64f836aaffd422396af0075fdc99
af854a3a-2127-422b-91ae-364da2661108https://git.kernel.org/stable/c/87299cdaae757f3f41212146cfb5b3af416b8385
af854a3a-2127-422b-91ae-364da2661108https://git.kernel.org/stable/c/bebd9e0ff90034875c5dfe4bd514fd7055fc7a89

Patch Availability(17)

Vendor / Ecosystem	Fixed in / Patch	Released	Source
ubuntu	linux-virtual-hwe-18.04-edge (5.4.0.189.187) @ focal	2026-05-22	ubuntu
ubuntu	linux-virtual-hwe-18.04-edge (5.4.0.189.209~18.04.1) @ bionic	2026-05-22	ubuntu
ubuntu	linux-virtual-hwe-24.04-edge (6.8.0-38.38) @ noble	2026-05-22	ubuntu
ubuntu	linux-virtual-hwe-20.04-edge (5.15.0.116.116) @ jammy	2026-05-22	ubuntu
ubuntu	linux-tools-nvidia-64k (6.8.0-1009.9) @ noble	2026-05-22	ubuntu
ubuntu	linux-tools-oracle-64k (6.8.0-1008.8) @ noble	2026-05-22	ubuntu
ubuntu	linux-tools-aws (6.8.0-1011.12) @ noble	2026-05-22	ubuntu
ubuntu	linux-tools-azure-lts-22.04 (5.15.0.1068.66) @ jammy	2026-05-22	ubuntu
ubuntu	linux-tools-aws-edge (5.15.0.1065.71~20.04.1) @ focal	2026-05-22	ubuntu
ubuntu	linux-tools-raspi2-hwe-18.04-edge (5.4.0.1112.142) @ focal	2026-05-22	ubuntu
ubuntu	linux-xilinx-zynqmp-tools-5.4.0-1047 (5.4.0-1047.51) @ focal	2026-05-22	ubuntu
ubuntu	linux-tools-aws-lts-22.04 (5.15.0.1065.65) @ jammy	2026-05-22	ubuntu
ubuntu	linux-tools-iot (5.4.0.1040.38) @ focal	2026-05-22	ubuntu
ubuntu	linux-tools-lowlatency-hwe-20.04-edge (5.15.0.116.106) @ jammy	2026-05-22	ubuntu
ubuntu	linux-tools-raspi-nolpae (5.15.0.1058.56) @ jammy	2026-05-22	ubuntu
ubuntu	linux-xilinx-zynqmp-tools-host (5.15.0-1035.39) @ jammy	2026-05-22	ubuntu
ubuntu	linux-tools-gcp-edge (5.15.0.1065.73~20.04.1) @ focal	2026-05-22	ubuntu

Patches are aggregated from vendor advisories (Red Hat, Microsoft, Cisco, GitHub) and package ecosystems (OSV, GHSA). Multiple rows for the same upstream release have been deduplicated.

All Vendor Advisories

(17)

Every vendor that published an advisory referencing this CVE — pulled from our cve_vendor_advisories aggregation. Click any row for the vendor's original advisory page.

Data Freshness Timeline

(refreshed 14× in last 7d / 55× in last 30d)

Each row is a source pipeline that fetched or updated this CVE on that date, with what changed. For example, "NVD update" means NVD published or revised its analysis for this CVE; "MITRE cvelistV5" means we ingested or refreshed it from the CNA feed. Most recent first.

2026-06-23 21:32 UTCEPSS rescore
2026-06-23 21:32 UTCEPSS rescore
2026-06-22 14:25 UTCEPSS rescore
2026-06-22 14:25 UTCEPSS rescore
2026-06-22 12:26 UTCOSV refresh
2026-06-21 14:55 UTCEPSS rescore
2026-06-21 14:55 UTCEPSS rescore
2026-06-21 01:58 UTCEPSS rescore
2026-06-21 01:58 UTCEPSS rescore
2026-06-19 19:25 UTCEPSS rescore
2026-06-19 19:25 UTCEPSS rescore
2026-06-18 17:52 UTCEPSS rescore
2026-06-18 17:51 UTCEPSS rescore
2026-06-17 17:52 UTCEPSS rescore
2026-06-16 17:52 UTCEPSS rescore
2026-06-16 17:52 UTCEPSS rescore
2026-06-15 17:47 UTCEPSS rescore
2026-06-14 23:16 UTCEPSS rescore
2026-06-13 22:59 UTCEPSS rescore
2026-06-13 22:59 UTCEPSS rescore
2026-06-12 23:11 UTCEPSS rescore
2026-06-11 13:59 UTCEPSS rescore
2026-06-10 22:17 UTCEPSS rescore
2026-06-10 13:21 UTCEPSS rescore
2026-06-08 14:16 UTCEPSS rescore

Show 52 more

2026-06-07 15:24 UTCEPSS rescore
2026-06-07 15:24 UTCEPSS rescore
2026-06-06 13:46 UTCEPSS rescore
2026-06-06 13:46 UTCEPSS rescore
2026-06-05 22:46 UTCEPSS rescore
2026-06-05 22:46 UTCEPSS rescore
2026-06-05 06:09 UTCEPSS rescore
2026-06-05 06:09 UTCEPSS rescore
2026-06-04 19:09 UTCOSV refresh
2026-06-04 13:11 UTCEPSS rescore
2026-06-04 13:11 UTCEPSS rescore
2026-06-02 20:12 UTCEPSS rescore
2026-06-01 13:51 UTCEPSS rescore
2026-06-01 13:51 UTCEPSS rescore
2026-05-31 22:30 UTCEPSS rescore
2026-05-31 22:30 UTCEPSS rescore
2026-05-31 00:15 UTCEPSS rescore
2026-05-31 00:15 UTCEPSS rescore
2026-05-29 13:43 UTCEPSS rescore
2026-05-28 13:44 UTCEPSS rescore
2026-05-28 13:44 UTCEPSS rescore
2026-05-28 13:44 UTCEPSS rescore
2026-05-27 13:40 UTCEPSS rescore
2026-05-27 13:40 UTCEPSS rescore
2026-05-27 13:40 UTCEPSS rescore
2026-05-26 13:43 UTCEPSS rescore
2026-05-26 13:43 UTCEPSS rescore
2026-05-26 07:18 UTCEPSS rescore
2026-05-26 07:18 UTCEPSS rescore
2026-05-26 07:18 UTCEPSS rescore
2026-05-22 21:16 UTCEPSS rescore
2026-05-22 21:16 UTCEPSS rescore
2026-05-22 21:16 UTCEPSS rescore
2026-05-22 21:16 UTCEPSS rescore
2026-05-22 01:42 UTCEG score recompute
2026-05-22 01:42 UTCVendor advisory
2026-05-22 01:42 UTCGHSA enrichment
2026-05-21 22:42 UTCEPSS rescore
2026-05-21 22:42 UTCEPSS rescore
2026-05-20 22:37 UTCEPSS rescore
2026-05-20 22:37 UTCEPSS rescore
2026-05-20 22:37 UTCEPSS rescore
2026-05-20 22:37 UTCEPSS rescore
2026-05-20 11:21 UTCEPSS rescore
2026-05-20 11:21 UTCEPSS rescore
2026-05-20 11:21 UTCEPSS rescore
2026-05-20 11:21 UTCEPSS rescore
2026-05-20 11:21 UTCEPSS rescore
2026-05-18 21:30 UTCEPSS rescore
2026-05-18 21:30 UTCEPSS rescore
2026-05-18 21:30 UTCEPSS rescore
2026-05-18 21:30 UTCEPSS rescore

Frequently asked(5)

What is CVE-2024-35936?

CVE-2024-35936 is a medium vulnerability published on May 19, 2024. In the Linux kernel, the following vulnerability has been resolved: btrfs: handle chunk tree lookup error in btrfsrelocatesys_chunks() The unhandled case in btrfsrelocatesys_chunks() loop is a corruption, as it could be caused only by two impossible conditions: at first the search key is set up to…

When was CVE-2024-35936 disclosed?

CVE-2024-35936 was first published in the National Vulnerability Database on May 19, 2024, with the most recent update on May 12, 2026. EchelonGraph re-ingests CVE updates from NVD on a 2-hour cycle, so this page reflects the latest published state.

Is CVE-2024-35936 actively exploited?

CVE-2024-35936 is not currently on CISA's Known Exploited Vulnerabilities catalog. FIRST EPSS estimates a 13.6% percentile likelihood of exploitation in the next 30 days — higher percentiles indicate greater predicted risk.

What is the CVSS score of CVE-2024-35936?

CVE-2024-35936 has a CVSS v3 base score of 5.5 (NVD).

How do I remediate CVE-2024-35936?

Patch to the fixed version published by the affected vendor. Where vendor advisories exist for CVE-2024-35936, EchelonGraph cross-links them in the Vendor Advisories panel below — those typically contain the canonical remediation steps, fixed version numbers, and any vendor-specific mitigations.

Dependency Blast Radius

Explore the affected products and dependency analysis for CVE-2024-35936

Explore →

Is Your Infrastructure Affected by CVE-2024-35936?

EchelonGraph automatically scans your cloud infrastructure and maps CVE exposure using blast radius analysis.

Start Free Scan →Browse All CVEs

CVE-2024-35936

📅 Published

🔄 Last Modified

🔗 References (19)

Patch Availability(17)

All Vendor Advisories

Data Freshness Timeline

❓ Frequently asked(5)

Dependency Blast Radius

Is Your Infrastructure Affected by CVE-2024-35936?

🔗 Related CVEs(same vendor)

Same vendor

Published

Last Modified

References (19)

Frequently asked(5)

Related CVEs(same vendor)