CVE-2025-40303

CVSS v2.0

1.7

Low

Vector

AV:L/AC:L/Au:S/C:N/I:N/A:P

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description The Linux kernel contains a flaw within the btrfs file system related to handling dirty metadata when the file system encounters errors. Specifically, if btrfs experiences an error, the file system is marked as such, preventing new transactions. However, existing metadata modifications remain in the page cache and can be written back after workers are stopped, potentially leading to a use-after-free condition, particularly in RAID5/6 configurations. The issue arises because dirty tree blocks are discarded during close ctree() without being written back, preventing new jobs for already stopped workqueues. The fix involves preventing submission of write requests when the file system is in an error state, ensuring dirty tree blocks are discarded instead of being written back.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-459

Related Identifiers

BDU:2026-03069

CVE-2025-40303

ECHO-73FB-9415-45A1

MGASA-2026-0017

MGASA-2026-0018

OPENSUSE-SU-2026:20145-1

SUSE-SU-2026:20207-1

SUSE-SU-2026:20220-1

SUSE-SU-2026:20228-1

USN-8029-1

USN-8029-2

USN-8029-3

USN-8030-1

USN-8048-1

USN-8095-1

USN-8095-2

USN-8095-3

USN-8095-4

USN-8095-5

USN-8100-1

USN-8125-1

USN-8126-1

USN-8165-1

USN-8261-1

Affected Products

Debian

Linuxmint

Linux Kernel

Ubuntu

Btrfs

CVE-2025-40303

Weakness Enumeration

Related Identifiers

Affected Products

References · 2048