CVE-2025-40101
BaseFortify
Publication date: 2025-10-30
Last updated on: 2025-10-30
Assigner: kernel.org
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| linux | linux_kernel | * |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-UNKNOWN |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability in the Linux kernel's btrfs filesystem involves memory leaks occurring when rejecting a non SINGLE data profile without a RAID stripe tree (RST). Specifically, in the function btrfs_load_block_group_zone_info(), if the mapping type is not SINGLE and there is no RST, the function returns early with an error, which prevents the cleanup code from freeing allocated memory. The fix ensures that instead of returning early, the function sets an error value but continues to execute the cleanup code to free memory properly.
How can this vulnerability impact me? :
This vulnerability can lead to memory leaks in the Linux kernel's btrfs filesystem, which may cause increased memory usage and potentially degrade system performance or stability over time if the issue is triggered repeatedly.