Null Pointer Dereference Vulnerability in Linux Kernel Btrfs File System
CVE-2025-38059

Currently unrated

Key Information:

Vendor

Linux
Status
Linux
Vendor
CVE Published:
18 June 2025

What is CVE-2025-38059?

A vulnerability in the Btrfs file system within the Linux kernel allows for a null pointer dereference during read-only scrub operations. This issue arises when the 'rescue=idatacsums' mount option is applied, which prevents the loading of the checksum tree, leading to a scenario where any attempted data reads won't verify checksums. If scrub operations are initiated without proper state checks for the csum tree, a call to the btrfs_search_slot() function results in a crash due to dereferencing a null pointer. This flaw highlights significant risks in data processing and integrity verification within the affected Btrfs file system under specific mount conditions.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

Linux 74ef00185eb864252156022ff129b01549504175 < 50d0de59f66cbe6d597481e099bf1c70fd07e0a9

Linux 74ef00185eb864252156022ff129b01549504175 < 6e9770de024964b1017f99ee94f71967bd6edaeb

Linux 74ef00185eb864252156022ff129b01549504175

References

https://git.kernel.org/stable/c/50d0de59f66cbe6d597481e09...
https://git.kernel.org/stable/c/6e9770de024964b1017f99ee9...
https://git.kernel.org/stable/c/d35bed14b0bc95c6845863a37...

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.