Disk Error Handling Issue in Linux Kernel XFS Component
CVE-2025-39835

Currently unrated

Key Information:

Vendor: Linux
Status: Linux
Vendor: CVE Published:; 16 September 2025

What is CVE-2025-39835?

A vulnerability exists in the XFS filesystem of the Linux kernel where disk errors can propagate as false ENODATA (aka ENOATTR) errors. This can mislead applications into thinking that an attribute is not found, while it may actually be a disk I/O issue. Furthermore, this may lead to potential crashes due to null pointer dereferencing in the xfs_attr_leaf_get() function. A patch has been introduced to address this specific bug in the xattr code, ensuring that unique disk-related errors are handled more effectively and do not mistakenly escalate into higher-level XFS functions.

Affected Version(s)

Linux 07120f1abdff80f3d1351f733661abe28d609535 < 157ddfb05961c68ab7d457a462822a698e4e4bf4

Linux 07120f1abdff80f3d1351f733661abe28d609535 < 90bae69c2959c39912f0c2f07a9a7894f3fc49f5

Linux 07120f1abdff80f3d1351f733661abe28d609535

References

https://git.kernel.org/stable/c/157ddfb05961c68ab7d457a46...

https://git.kernel.org/stable/c/90bae69c2959c39912f0c2f07...

https://git.kernel.org/stable/c/e358d4b6225e4c1eb208686a0...

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Sep 16, 2025
Vulnerability Reserved
Apr 16, 2025