Buffer Management Flaw in Linux Kernel Affecting Memory Operations
CVE-2025-71295
What is CVE-2025-71295?
The Linux kernel contains a buffer management flaw in the memory release path: try_to_free_buffers() can be invoked on folios that have no buffers attached. This happens when filemap_release_folio() is called on a folio whose mapping has the AS_RELEASE_ALWAYS flag set but defines no release_folio operation. folio_needs_release() reports that the folio should be released because of AS_RELEASE_ALWAYS, yet the folio carries no private buffer data, so the kernel attempts to drop buffers on an empty folio and dereferences a null pointer. As a defensive measure, try_to_free_buffers() now returns early for folios without attached buffers and emits a warning to alert users to a possible misconfiguration.
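The call path described above, as a simplified userspace model added here for illustration; it is not kernel source. The struct layouts, the warnings counter, the release_warnings() helper and the guard's return value are assumptions of the model.

```c
#include <stdbool.h>
#include <stdio.h>

/* Userspace stand-ins for kernel types (simplified; assumptions of this model). */
struct buffer_head { struct buffer_head *b_this_page; };
struct folio { struct address_space *mapping; struct buffer_head *private; };
/* release_always models AS_RELEASE_ALWAYS; release_folio == NULL means no op defined. */
struct address_space { bool release_always; bool (*release_folio)(struct folio *); };
static int warnings;      /* models the kernel warning */
/* Release is wanted for attached private data OR an AS_RELEASE_ALWAYS mapping. */
static bool folio_needs_release(const struct folio *f) {
    return f->private || (f->mapping && f->mapping->release_always);
}

static bool try_to_free_buffers(struct folio *f) {
    struct buffer_head *head = f->private, *bh = head;
    if (!head) {          /* the guard: nothing attached, warn and return early */
        warnings++;
        return true;      /* return value is an assumption of this model */
    }
    do {                  /* without the guard, a NULL head is dereferenced here */
        bh = bh->b_this_page;
    } while (bh != head);
    f->private = NULL;
    return true;
}

/* With no release_folio op, the generic path falls back to try_to_free_buffers(). */
static bool filemap_release_folio(struct folio *f) {
    if (!folio_needs_release(f))
        return true;
    if (f->mapping && f->mapping->release_folio)
        return f->mapping->release_folio(f);
    return try_to_free_buffers(f);
}

/* Constructed cases; returns the number of warnings raised, or -1 on failure. */
static int release_warnings(bool release_always, bool with_buffer) {
    struct buffer_head bh = { &bh };   /* single buffer, circular list */
    struct address_space m = { release_always, NULL };
    struct folio f = { &m, with_buffer ? &bh : NULL };
    warnings = 0;
    return filemap_release_folio(&f) ? warnings : -1;
}

int main(void) {
    printf("misconfigured mapping: %d warning(s)\n", release_warnings(true, false));
    return 0;
}
```

Removing the `if (!head)` block reproduces the failure mode in the model: the first `bh->b_this_page` access reads through a null pointer.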
Affected Version(s)
Linux 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 < 1b111a69a6e33a922622bf9870e4e63fb2b649c8
Linux 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2
Linux 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 < 727e5140e0cf83b4ce6a11b89bb73bff5d96f8f3