Null Pointer Dereference Vulnerability in Linux Kernel Btrfs File System
CVE-2025-38059
What is CVE-2025-38059?
A vulnerability in the Btrfs file system in the Linux kernel allows a NULL pointer dereference during read-only scrub operations. The issue arises when the 'rescue=idatacsums' mount option is used: the option prevents the checksum tree from being loaded, so data reads are not verified against checksums. If a scrub is then started without first checking the state of the csum tree, the call to btrfs_search_slot() dereferences a NULL pointer and the kernel crashes. The flaw puts data processing and integrity verification at risk in the affected Btrfs file system under these specific mount conditions.
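To find hosts in the mount state described above, the mount table can be scanned for btrfs file systems mounted with 'rescue=idatacsums'. This is an added example, not code from the advisory or from the kernel project. The function names, the constructed sample lines, the ':' separator between multiple rescue values and the long spelling 'ignoredatacsums' are assumptions that do not come from the page.

```shell
#!/bin/sh
# Added example: list btrfs mounts whose options include rescue=idatacsums,
# the condition under which a read-only scrub hits the NULL csum tree.
# Input is in mounts format: device mountpoint fstype options dump pass

# sample_mounts: constructed sample lines, not taken from a real system.
sample_mounts() {
    cat <<'EOF'
/dev/sda2 / ext4 rw,relatime 0 0
/dev/sdb1 /data btrfs rw,relatime,space_cache=v2,subvolid=5,subvol=/ 0 0
/dev/sdc1 /mnt/recover btrfs ro,relatime,rescue=idatacsums,subvolid=5,subvol=/ 0 0
/dev/sdd1 /mnt/recover2 btrfs ro,relatime,rescue=ibadroots:idatacsums,subvolid=5,subvol=/ 0 0
EOF
}

# find_idatacsums_mounts [FILE]
# Prints "<mountpoint> <device>" for every matching btrfs mount.
# FILE defaults to the live mount table.
find_idatacsums_mounts() {
    mounts_file="${1:-/proc/self/mounts}"
    awk '
    $3 == "btrfs" {
        n = split($4, opts, ",")
        for (i = 1; i <= n; i++) {
            if (opts[i] !~ /^rescue=/) continue
            # Assumption: several rescue values are joined with ":".
            m = split(substr(opts[i], 8), vals, ":")
            for (j = 1; j <= m; j++) {
                # Assumption: "ignoredatacsums" is the long spelling
                # of the option the advisory names.
                if (vals[j] == "idatacsums" || vals[j] == "ignoredatacsums") {
                    print $2, $1
                    next   # one report per mount line
                }
            }
        }
    }' "$mounts_file"
}
```

Calling find_idatacsums_mounts with no argument reads /proc/self/mounts; any mount point it prints should not be scrubbed on a kernel without the fix.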
Affected Version(s)
Linux 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 < 50d0de59f66cbe6d597481e099bf1c70fd07e0a9
Linux 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 < 6e9770de024964b1017f99ee94f71967bd6edaeb
Linux 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2