CVE-2025-38269
- Source
- https://nvd.nist.gov/vuln/detail/CVE-2025-38269
- Import Source
- https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2025-38269.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/CVE-2025-38269
- Downstream
- Published
- 2025-07-10T07:41:51.846Z
- Modified
- 2025-11-28T02:35:20.921303Z
- Summary
- btrfs: exit after state insertion failure at btrfs_convert_extent_bit()
- Details
-
In the Linux kernel, the following vulnerability has been resolved:
btrfs: exit after state insertion failure at btrfsconvertextent_bit()
If insertstate() state failed it returns an error pointer and we call extentiotreepanic() which will trigger a BUG() call. However if CONFIGBUG is disabled, which is an uncommon and exotic scenario, then we fallthrough and call cachestate() which will dereference the error pointer, resulting in an invalid memory access.
So jump to the 'out' label after calling extentiotreepanic(), it also makes the code more clear besides dealing with the exotic scenario where CONFIGBUG is disabled.
- Database specific
{ "cna_assigner": "Linux", "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2025/38xxx/CVE-2025-38269.json" }- References
-
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- https://git.kernel.org/stable/c/3bf179e36da917c5d9bec71c714573ed1649b7c1
- https://git.kernel.org/stable/c/58c50f45e1821a04d61b62514f9bd34afe67c622
- https://git.kernel.org/stable/c/8d9d32088e304e2bc444a3087cab0bbbd9951866
- https://github.com/CVEProject/cvelistV5/tree/main/cves/2025/38xxx/CVE-2025-38269.json
- https://nvd.nist.gov/vuln/detail/CVE-2025-38269