CVE-2025-21879Use After Free in Linux

CWE-416Use After Free5 documents5 sources
Severity
7.8HIGHNVD
EPSS
0.1%
top 78.73%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
3
LinuxLinux KernelDebian Linux
Timeline
PublishedMar 27

Description

In the Linux kernel, the following vulnerability has been resolved: btrfs: fix use-after-free on inode when scanning root during em shrinking At btrfs_scan_root() we are accessing the inode's root (and fs_info) in a call to btrfs_fs_closing() after we have scheduled the inode for a delayed iput, and that can result in a use-after-free on the inode in case the cleaner kthread does the iput before we dereference the inode in the call to btrfs_fs_closing(). Fix this by using the fs_info stored a

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:HExploitability: 1.8 | Impact: 5.9

Affected Packages3 packages

NVDlinux/linux_kernel6.136.13.6+1
CVEListV5linux/linuxfef55c4d9c9c22264d2b2ceae1e26922cb6129a507836bc18f4ae42da4e922244f4685561c18755e+3
debiandebian/linux

Patches

Patch: git.kernel.orgPatch: git.kernel.org

🔴Vulnerability Details

2
GHSA
GHSA-pwxf-vp8f-f327: In the Linux kernel, the following vulnerability has been resolved: btrfs: fix use-after-free on inode when scanning root during em shrinking At btr2025-03-27
OSV
CVE-2025-21879: In the Linux kernel, the following vulnerability has been resolved: btrfs: fix use-after-free on inode when scanning root during em shrinking At btrfs2025-03-27

📋Vendor Advisories

2
Red Hat
kernel: btrfs: fix use-after-free on inode when scanning root during em shrinking2025-03-27
Debian
CVE-2025-21879: linux - In the Linux kernel, the following vulnerability has been resolved: btrfs: fix ...2025
CVE-2025-21879 — Use After Free in Linux | cvebase