Writeback Vulnerability in Btrfs RAID5 Metadata Handling for Linux Kernel
CVE-2025-40303

Currently unrated

Key Information:

Vendor

Linux
Status
Linux
Vendor
CVE Published:
8 December 2025

What is CVE-2025-40303?

A vulnerability in the Btrfs filesystem affects RAID5 metadata handling in the Linux kernel. When the filesystem encounters an error, it enters an error state where new transactions are disallowed. However, certain dirty metadata modifications may still reside in the page cache, leading to potential data corruption. If these are not handled correctly during the writeback process, it can result in a use-after-free condition when invoking write operations. This issue occurs without code modification, specifically when running workloads that trigger worker tasks in the kernel. The vulnerability has been addressed by implementing a special condition in the writeback process, ensuring that if the filesystem is flagged with errors, any pending metadata writes are marked as failures to prevent further corruption.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

Linux 13e6c37b989859e70b0d73d3f2cb0aa022159b17 < 066ee13f05fbd82ada01883e51f0695172f98dff

Linux 13e6c37b989859e70b0d73d3f2cb0aa022159b17

Linux 13e6c37b989859e70b0d73d3f2cb0aa022159b17 < 54a5b5a15588e3b0b294df31474d08a2678d4291

References

https://git.kernel.org/stable/c/066ee13f05fbd82ada01883e5...
https://git.kernel.org/stable/c/e2b3859067bf012d53c49b3f8...
https://git.kernel.org/stable/c/54a5b5a15588e3b0b294df314...

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.