Linux Kernel Btrfs Invalid Memory Access Vulnerability

Vulnerability

A vulnerability in the Linux kernel's Btrfs file system has been addressed. The issue arose when the 'insert_state()' function failed, returning an error pointer. This error was then passed to 'extent_io_tree_panic()', triggering a BUG() call. In scenarios where 'CONFIG_BUG' is disabled, this could lead to an invalid memory access by dereferencing the error pointer. The vulnerability has been resolved by modifying the code to skip the problematic state insertion and directly handle the error, preventing the invalid memory access.

Impact

Exploitation of this vulnerability could lead to invalid memory access, potentially causing a memory corruption issue.

Added: Jul 10, 2025, 10:10 AM

Updated: Jul 10, 2025, 10:10 AM

Vulnerability Rating

Custom Algorithm

spread

9.0

impact

2.5

exploitability

5.0

remediation

0.0

relevance

0.2

threat

3.2

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

9.0

impact

2.5

exploitability

5.0

remediation

0.0

relevance

0.2

threat

3.2

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Linux Kernel Btrfs Invalid Memory Access Vulnerability

Vulnerability

Impact

Affected Products

Linux kernel

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating