CVE-2025-21754

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 6.13.0-rc5-syzkaller

Description The issue arises when a transaction abort occurs during a direct IO write in the Linux kernel, specifically in the btrfs file system. This can lead to an assertion failure in the btrfs split ordered extent() function due to the BTRFS ORDERED IOERR flag being set. The problem is resolved by returning an error from btrfs extract ordered extent() if the BTRFS ORDERED IOERR flag is found in the ordered extent. This error was recently reported by syzbot, a tool used for fuzz testing the Linux kernel.

Recommendations To resolve this issue, update the Linux kernel to a version that includes the fix for this problem. As a temporary workaround, consider disabling direct IO writes in the btrfs file system until a patched version is available. Restrict access to the btrfs split ordered extent() function to minimize the risk of exploitation. Avoid using the btrfs extract ordered extent() function with ordered extents that have the BTRFS ORDERED IOERR flag set until the issue is resolved.