SB2025103127 - Reachable assertion in Linux kernel btrfs
Published: October 31, 2025
Security Bulletin ID
SB2025103127
Severity
Low
Patch available
YES
Number of vulnerabilities
1
Exploitation vector
Local access
Highest impact
Denial of service
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 1 security vulnerability.
1) Reachable assertion (CVE-ID: CVE-2025-40100)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to reachable assertion within the populate_free_space_tree() function in fs/btrfs/free-space-tree.c. A local user can perform a denial of service (DoS) attack.
Remediation
Install update from vendor's website.
References
- https://git.kernel.org/stable/c/289498da343b05c886f19b4269429606f86dd17b
- https://git.kernel.org/stable/c/3fdcfd91b93f930d87843156c7c8cc5fbcf9b144
- https://git.kernel.org/stable/c/4f4b9ca73f84130d9fbb0fc02306ce94ce8bdbe6
- https://git.kernel.org/stable/c/a5a51bf4e9b7354ce7cd697e610d72c1b33fd949
- https://git.kernel.org/stable/c/eb145463f22d7d32d426b29fe9810de9e792b6ba