CVE-2025-71184

When evicting an inode the first thing we do is to setup tracing for it, which implies fetching the root's id. But in btrfsevictinode() the root might be NULL, as implied in the next check that we do in btrfsevictinode().

Hence, we either should set the ->root_objectid to 0 in case the root is NULL, or we move tracing setup after checking that the root is not NULL. Setting the rootid to 0 at least gives us the possibility to trace this call even in the case when the root is NULL, so that's the solution taken here.

Database specific

{
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2025/71xxx/CVE-2025-71184.json",
    "cna_assigner": "Linux"
}

References

Affected packages

Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git

Affected ranges

Type: GIT
Repo: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events: Introduced

1abe9b8a138c9988ba8f7bfded6453649a31541f

Fixed

64d8abd8c5305795a2b35fc96039d99d34f5e762

Fixed

582ba48e4a4c06fef6bdcf4e57b7b9af660bbd0c

Fixed

99e057f3d3ef24b99a7b1d84e01dd1bd890098da

Fixed

f157dd661339fc6f5f2b574fe2429c43bd309534

Database specific

source

"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2025-71184.json"

Linux / Kernel

Package

Name: Kernel

Affected ranges

Type: ECOSYSTEM
Events: Introduced

2.6.39

Fixed

6.6.130

Type: ECOSYSTEM
Events: Introduced

6.7.0

Fixed

6.12.66

Type: ECOSYSTEM
Events: Introduced

6.13.0

Fixed

6.18.6

Database specific

source

"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2025-71184.json"