CVE-2025-38269
- Source
- https://nvd.nist.gov/vuln/detail/CVE-2025-38269
- Import Source
- https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2025-38269.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/CVE-2025-38269
- Aliases
- Downstream
- Published
- 2025-07-10T07:41:51.846Z
- Modified
- 2026-01-14T18:58:52.029311Z
- Summary
- btrfs: exit after state insertion failure at btrfs_convert_extent_bit()
- Details
-
In the Linux kernel, the following vulnerability has been resolved:
btrfs: exit after state insertion failure at btrfsconvertextent_bit()
If insertstate() state failed it returns an error pointer and we call extentiotreepanic() which will trigger a BUG() call. However if CONFIGBUG is disabled, which is an uncommon and exotic scenario, then we fallthrough and call cachestate() which will dereference the error pointer, resulting in an invalid memory access.
So jump to the 'out' label after calling extentiotreepanic(), it also makes the code more clear besides dealing with the exotic scenario where CONFIGBUG is disabled.
- Database specific
{ "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2025/38xxx/CVE-2025-38269.json", "cna_assigner": "Linux" }- References
-
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- https://git.kernel.org/stable/c/3bf179e36da917c5d9bec71c714573ed1649b7c1
- https://git.kernel.org/stable/c/58c50f45e1821a04d61b62514f9bd34afe67c622
- https://git.kernel.org/stable/c/8d9d32088e304e2bc444a3087cab0bbbd9951866
- https://github.com/CVEProject/cvelistV5/tree/main/cves/2025/38xxx/CVE-2025-38269.json
- https://nvd.nist.gov/vuln/detail/CVE-2025-38269
Affected packages
Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Affected ranges
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- Events
-
Introducedc91ea4bfa6dda549295ea7c15dfc990094d1fcd3Fixed58c50f45e1821a04d61b62514f9bd34afe67c622Fixed8d9d32088e304e2bc444a3087cab0bbbd9951866Fixed3bf179e36da917c5d9bec71c714573ed1649b7c1
Affected versions
v6.*
v6.10
v6.10-rc1
v6.10-rc2
v6.10-rc3
v6.10-rc4
v6.10-rc5
v6.10-rc6
v6.10-rc7
v6.11
v6.11-rc1
v6.11-rc2
v6.11-rc3
v6.11-rc4
v6.11-rc5
v6.11-rc6
v6.11-rc7
v6.12
v6.12-rc1
v6.12-rc2
v6.12-rc3
v6.12-rc4
v6.12-rc5
v6.12-rc6
v6.12-rc7
v6.12.1
v6.12.10
v6.12.11
v6.12.12
v6.12.13
v6.12.14
v6.12.15
v6.12.16
v6.12.17
v6.12.18
v6.12.19
v6.12.2
v6.12.20
v6.12.21
v6.12.22
v6.12.23
v6.12.24
v6.12.25
v6.12.26
v6.12.27
v6.12.28
v6.12.29
v6.12.3
v6.12.30
v6.12.31
v6.12.32
v6.12.33
v6.12.4
v6.12.5
v6.12.6
v6.12.7
v6.12.8
v6.12.9
v6.13
v6.13-rc1
v6.13-rc2
v6.13-rc3
v6.13-rc4
v6.13-rc5
v6.13-rc6
v6.13-rc7
v6.14
v6.14-rc1
v6.14-rc2
v6.14-rc3
v6.14-rc4
v6.14-rc5
v6.14-rc6
v6.14-rc7
v6.15
v6.15-rc1
v6.15-rc2
v6.15-rc3
v6.15-rc4
v6.15-rc5
v6.15-rc6
v6.15-rc7
v6.15.1
v6.15.2
v6.6
v6.6-rc6
v6.6-rc7
v6.7
v6.7-rc1
v6.7-rc2
v6.7-rc3
v6.7-rc4
v6.7-rc5
v6.7-rc6
v6.7-rc7
v6.7-rc8
v6.8
v6.8-rc1
v6.8-rc2
v6.8-rc3
v6.8-rc4
v6.8-rc5
v6.8-rc6
v6.8-rc7
v6.9
v6.9-rc1
v6.9-rc2
v6.9-rc3
v6.9-rc4
v6.9-rc5
v6.9-rc6
v6.9-rc7