CVE-2025-71269
Incorrect Data Reservation Freeing in Linux btrfs Causes Data Corruption
Publication date: 2026-03-18
Last updated on: 2026-04-11
Assigner: kernel.org
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| linux_kernel | btrfs | * |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-UNKNOWN |
Attack-Flow Graph
AI Powered Q&A
How can this vulnerability impact me? :
Improperly freeing reserved qgroup data in the btrfs filesystem could lead to inconsistencies in data reservation accounting. This might cause unexpected behavior in disk space management, potentially leading to data corruption or loss of data integrity when the fallback path is used after an inline extent creation failure.
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?:
I don't know
How can this vulnerability be detected on my network or system? Can you suggest some commands?
I don't know
What immediate steps should I take to mitigate this vulnerability?
I don't know
Can you explain this vulnerability to me?
This vulnerability exists in the Linux kernel's btrfs filesystem. When the system fails to create an inline extent due to a lack of space (-ENOSPC), it falls back to a normal copy-on-write (COW) path which involves reserving an extent and creating an ordered extent. However, the reserved quota group (qgroup) data was always being freed incorrectly, even though it was still needed. The fix ensures that the reserved qgroup data is only freed if the fallback does not occur, preventing improper freeing of data reservation.