Linux Kernel Btrfs Subvolume Error Handling Vulnerability

Vulnerability

A vulnerability in the Linux kernel's Btrfs file system has been addressed, which involved a leak of anonymous device references in the 'create_subvol()' function. This issue occurred when 'btrfs_qgroup_inherit()', 'btrfs_alloc_tree_block()', or 'btrfs_insert_root()' failed, leading to a failure to release the anonymous device. The vulnerability has been resolved by reorganizing the error handling in the 'create_subvol()' function.

Impact

The vulnerability could lead to a resource leak, potentially causing memory issues or exhaustion.

Added: Jun 9, 2025, 7:46 PM

Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread

9.0

impact

0.6

exploitability

4.0

remediation

0.0

relevance

0.0

threat

3.2

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

9.0

impact

0.6

exploitability

4.0

remediation

0.0

relevance

0.0

threat

3.2

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Linux Kernel Btrfs Subvolume Error Handling Vulnerability

Vulnerability

Impact

Affected Products

Linux kernel

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating