PT-2025-33546 · Linux+6 · Linux Kernel+6

Syzbot

·

Published

2025-06-05

·

Updated

2026-04-20

·

CVE-2025-38503

CVSS v3.1

5.5

Medium

VectorAV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Name of the Vulnerable Software and Affected Versions: Linux kernel (affected versions not specified)
Description: A flaw was discovered in the Linux kernel related to the BTRFS file system's free space tree. Specifically, an assertion failure could occur when building the free space tree with the block group tree feature enabled, particularly when processing an empty block group. This issue arises because the code incorrectly assumes the existence of a block group item in the extent root when the block group tree feature is active, leading to an invalid assertion. The root cause is that when processing an empty block group, btrfs search slot for read() can return 1, indicating no higher key is found, which triggers the assertion failure.
Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Allocation of Resources Without Limits

Assertion Failure

Weakness Enumeration

CWE-770CWE-617

Related Identifiers

AZL-66353
BDU:2025-10444
CVE-2025-38503
DLA-4328-1
ECHO-9CD2-EDFB-929B
OPENSUSE-SU-2025:20081-1
SUSE-SU-2025:03272-1
SUSE-SU-2025:03290-1
SUSE-SU-2025:03301-1
SUSE-SU-2025:03382-1
SUSE-SU-2025:03602-1
SUSE-SU-2025:03633-1
SUSE-SU-2025:03634-1
SUSE-SU-2025:20653-1
SUSE-SU-2025:20669-1
SUSE-SU-2025:20739-1
SUSE-SU-2025:20756-1
SUSE-SU-2025:21074-1
SUSE-SU-2025:21139-1
SUSE-SU-2025:21179-1
SUSE-SU-2025_03272-1
SUSE-SU-2025_03290-1
SUSE-SU-2025_03301-1
SUSE-SU-2025_03382-1
USN-7879-1
USN-7879-2
USN-7879-3
USN-7879-4
USN-7880-1
USN-7934-1
USN-8028-1
USN-8028-2
USN-8028-3
USN-8028-4
USN-8028-5
USN-8028-6
USN-8028-7
USN-8028-8
USN-8031-1
USN-8031-2
USN-8031-3
USN-8052-1
USN-8052-2
USN-8074-1
USN-8074-2
USN-8126-1

Affected Products

Btrfs
Debian
Linuxmint
Linux Kernel
Red Os
Suse
Ubuntu