PT-2025-37197 · Linux+5 · Linux Kernel+5

Published

2025-07-25

·

Updated

2026-05-26

·

CVE-2025-39738

CVSS v3.1

7.8

High

VectorAV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions: Linux kernel (affected versions not specified)
Description: The Linux kernel contains a flaw related to the BTRFS filesystem. Specifically, the issue involves the potential for transaction aborts during balancing operations when encountering partially dropped subvolumes. This occurs because the filesystem may attempt to relocate tree blocks within the range of a subvolume that is in the process of being dropped, leading to missing backref items and errors during delayed reference resolution. The root cause is the lack of orphan items for these subvolumes, a problem that has been addressed by an upstream commit (8d488a8c7ba2) that fixes subvolume/snapshot deletion issues.
Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Weakness Enumeration

CWE-672

Related Identifiers

AZL-67244
AZL-73938
BDU:2025-15703
CVE-2025-39738
DLA-4328-1
DSA-6009-1
ECHO-5D6E-82BB-70C7
OPENSUSE-SU-2025:20081-1
SUSE-SU-2025:03600-1
SUSE-SU-2025:03601-1
SUSE-SU-2025:03633-1
SUSE-SU-2025:03634-1
SUSE-SU-2025:20851-1
SUSE-SU-2025:20861-1
SUSE-SU-2025:20870-1
SUSE-SU-2025:20898-1
SUSE-SU-2025:21074-1
SUSE-SU-2025:21139-1
SUSE-SU-2025:21179-1
SUSE-SU-2025:3725-1
SUSE-SU-2025:3751-1
USN-7909-1
USN-7909-2
USN-7909-3
USN-7909-4
USN-7909-5
USN-7910-1
USN-7910-2
USN-7933-1
USN-7938-1
USN-8028-1
USN-8028-2
USN-8028-3
USN-8028-4
USN-8028-5
USN-8028-6
USN-8028-7
USN-8028-8
USN-8031-1
USN-8031-2
USN-8031-3
USN-8052-1
USN-8052-2
USN-8074-1
USN-8074-2
USN-8126-1

Affected Products

Btrfs
Debian
Linuxmint
Linux Kernel
Suse
Ubuntu