Buffer Overflow Vulnerability in Linux Kernel Affecting Btrfs Filesystem
CVE-2025-40100
What is CVE-2025-40100?
This vulnerability in the Linux kernel’s Btrfs implementation arises from an assumption made in the handling of block group items when building a free space tree. Specifically, during the process, if block group tree functionality is not in use, the kernel improperly expects the presence of block group items in the extent tree. This assumption fails if a new block group is created in a transaction that has yet to add its item to the extent tree, leading to an assertion failure. The issue disrupts the rebuild process of the free space tree and can potentially compromise data integrity.
Affected Version(s)
Linux a5ed91828518ab076209266c2bc510adabd078df < 4f4b9ca73f84130d9fbb0fc02306ce94ce8bdbe6
Linux a5ed91828518ab076209266c2bc510adabd078df < 289498da343b05c886f19b4269429606f86dd17b
Linux a5ed91828518ab076209266c2bc510adabd078df < 3fdcfd91b93f930d87843156c7c8cc5fbcf9b144