CVE-2025-21942

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 6.13.0

Description A vulnerability in the Linux kernel has been resolved, specifically in the btrfs zoned mode. The issue occurs when there is no active zone available, causing the btrfs reserve extent() function to return -EAGAIN. This leads to a hang issue due to a failure to unlock allocated extents. The problem arises from a commit that moved the unlock code outside a loop, causing the allocated extents to remain locked in certain cases. The vulnerability can cause tasks to become blocked for an extended period, resulting in a system hang.

Recommendations To resolve the issue, update to a Linux kernel version that includes the fix for the extent range end unlock in cow file range(). As a temporary workaround, consider disabling the btrfs module or restricting its use until a patched version is available. Additionally, avoid using the btrfs filesystem in zoned mode until the issue is resolved.