CVE-2025-71159

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description The Linux kernel contains a flaw within the btrfs subsystem, specifically in the btrfs get or create delayed node() function. A previous commit altered the order of operations, removing a necessary memory barrier. This change allowed for a potential race condition where a thread could attempt to increment a reference count before it was properly initialized, leading to a refcounting bug and a use-after-free warning. The issue stems from the interaction between setting the reference count for a delayed node and setting the btrfs inode->delayed node pointer. The fix involves restoring the original order of operations to re-establish the necessary memory barrier. The function btrfs get or create delayed node() is involved in the process.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.