We use these services and cookies to improve your user experience. You may opt out if you wish, however, this may limit some features on this site.

Please see our statement on Data Privacy.

Crisp.chat (Helpdesk and Chat)

Ok

THREATINT
PUBLISHED

CVE-2025-21679

btrfs: add the missing error handling inside get_canonical_dev_path



Description

In the Linux kernel, the following vulnerability has been resolved: btrfs: add the missing error handling inside get_canonical_dev_path Inside function get_canonical_dev_path(), we call d_path() to get the final device path. But d_path() can return error, and in that case the next strscpy() call will trigger an invalid memory access. Add back the missing error handling for d_path().

Reserved 2024-12-29 | Published 2025-01-31 | Updated 2025-01-31 | Assigner Linux

Product status

Default status
unaffected

5d261f60b5c82ba1e4b5555252e1c90c43d96015 before d0fb5741932b831eded49bfaaf33353e96200d6d
affected

7e06de7c83a746e58d4701e013182af133395188 before fe4de594f7a2e9bc49407de60fbd20809fad4192
affected

Default status
unaffected

6.12.5 before 6.12.11
affected

References

git.kernel.org/...c/d0fb5741932b831eded49bfaaf33353e96200d6d

git.kernel.org/...c/fe4de594f7a2e9bc49407de60fbd20809fad4192

cve.org (CVE-2025-21679)

nvd.nist.gov (CVE-2025-21679)

Download JSON

Share this page
https://cve.threatint.com/CVE/CVE-2025-21679

Support options

Helpdesk Chat, Email, Knowledgebase
© Copyright 2025 THREATINT
Made in Cyprus with +
 System status
Find us on
Data Privacy
Terms of Use
Logo BSI Allianz für Cyber-Sicherheit
Error loading Crisp.chat. Please check your web content filter and browser plugins.
MonTueWedThuFriSatSun
242526272812345678910111213141516171819202122232425262728293031123456
MonTueWedThuFriSatSun
242526272812345678910111213141516171819202122232425262728293031123456