Invalid Memory Access in Linux Kernel Btrfs Implementation
CVE-2025-38243

Currently unrated

Key Information:

Vendor: Linux
Status: Linux
Vendor: CVE Published:; 9 July 2025

What is CVE-2025-38243?

The Linux kernel's btrfs implementation is susceptible to an invalid memory access issue during log replay due to improper handling of inode pointers. When the function read_one_inode() retrieves a NULL pointer, it can lead to erroneous behavior where an invalid inode pointer is dereferenced. This flaw can cause system crashes, making it critical for users and administrators to ensure their systems are patched against this vulnerability to maintain stability and security.

Affected Version(s)

Linux b4c50cbb01a1b6901d2b94469636dd80fa93de81

Linux b4c50cbb01a1b6901d2b94469636dd80fa93de81 < 2dcf838cf5c2f0f4501edaa1680fcad03618d760

Linux 6.15

References

https://git.kernel.org/stable/c/ba8386d662cc51cc5382688bb...

https://git.kernel.org/stable/c/2dcf838cf5c2f0f4501edaa16...

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jul 9, 2025
Vulnerability Reserved
Apr 16, 2025