Memory Access Vulnerability in Linux Kernel Affecting Btrfs
CVE-2025-21679

Currently unrated

Key Information:

Vendor
Linux
Status
Vendor
CVE Published:
31 January 2025

Summary

A vulnerability in the Linux kernel's Btrfs file system arises from inadequate error handling in the get_canonical_dev_path() function. When d_path() fails and returns an error, the subsequent strscpy() call can perform an invalid memory access, potentially causing unexpected behavior or crashes. The fix adds the missing error handling for the d_path() result.
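The failure mode above, as an added example: a userspace model of the kernel's error-pointer convention, written for this page and not taken from kernel or Btrfs source. The model_ functions, the 32-byte buffer and the sample paths are constructed; -ENAMETOOLONG is assumed as the error d_path() reports when the path does not fit.

```c
#include <errno.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Userspace re-creation of the kernel's ERR_PTR()/IS_ERR()/PTR_ERR() helpers. */
#define MAX_ERRNO 4095
static inline void *ERR_PTR(long err) { return (void *)err; }
static inline long PTR_ERR(const void *p) { return (long)p; }
static inline int IS_ERR(const void *p)
{
    /* Error codes are encoded in the top 4095 addresses of the address space. */
    return (uintptr_t)p >= (uintptr_t)-MAX_ERRNO;
}

/* Hypothetical stand-in for d_path(): writes the path at the END of buf and
 * returns a pointer into buf, or an error pointer if it does not fit. */
static char *model_d_path(const char *resolved, char *buf, size_t buflen)
{
    size_t need = strlen(resolved) + 1;
    if (need > buflen)
        return ERR_PTR(-ENAMETOOLONG);
    return memcpy(buf + buflen - need, resolved, need);
}

/* Hypothetical model of the fixed caller: test the result before copying. */
static int model_canonical_path(const char *resolved, char *out, size_t outlen)
{
    char buf[32]; /* small on purpose so the failure path is easy to reach */
    char *p = model_d_path(resolved, buf, sizeof(buf));

    if (IS_ERR(p))              /* the kind of check the fix adds */
        return (int)PTR_ERR(p);
    /* Without that check, p would hold (char *)-ENAMETOOLONG at this point
     * and the copy below would read from that invalid address. */
    if (strlen(p) + 1 > outlen)
        return -E2BIG;          /* strscpy() reports truncation this way */
    memcpy(out, p, strlen(p) + 1);
    return 0;
}

int main(void)
{
    char out[64];
    const char *too_long = "/dev/disk/by-id/constructed-sample-name-longer-than-buf";
    printf("short: %d\n", model_canonical_path("/dev/mapper/vg0-root", out, sizeof(out)));
    printf("long:  %d\n", model_canonical_path(too_long, out, sizeof(out)));
    return 0;
}
```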

Affected Version(s)

Linux 5d261f60b5c82ba1e4b5555252e1c90c43d96015

Linux 7e06de7c83a746e58d4701e013182af133395188

Linux 6.12.5 < 6.12.11

Timeline

  • Vulnerability published

  • Vulnerability Reserved
