Volerion logoVolerion
Volerion logoVolerion

Linux Kernel Btrfs Incorrect Return Value Vulnerability in Extent Data Reference Lookup

Vulnerability

A vulnerability in the Linux kernel's Btrfs file system has been addressed. The issue arose after a previous commit that simplified return variable handling in the function 'lookup_extent_data_ref'. This change inadvertently caused the function to return misleading success indicators, which could lead to operations on incorrect data and potential corruption of the extent tree. The vulnerability affects several versions of the Linux kernel.

Impact

The vulnerability could cause operations to be performed on the wrong extent tree items, leading to corruption of the extent tree.

Reproduction

The vulnerability can be reproduced by using a version of the Linux kernel that includes the problematic commit. The 'lookup_extent_data_ref' function will incorrectly indicate a successful lookup when it has not, allowing operations to be performed on the wrong data.

Remediation

Users can upgrade to the latest version of the Linux kernel where this vulnerability has been fixed.

Added: Apr 24, 2026, 3:38 PM
Updated: Apr 24, 2026, 3:38 PM

Vulnerability Rating

Custom Algorithm
spread
9.0
impact
0.6
exploitability
4.3
remediation
7.7
relevance
6.6
threat
4.8
urgency
2.9
incentive
0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.