SB2025121007 - Double free in Linux kernel btrfs
Published: December 10, 2025 Updated: December 12, 2025
Security Bulletin ID
SB2025121007
Severity
Low
Patch available
YES
Number of vulnerabilities
1
Exploitation vector
Local access
Highest impact
Denial of service
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 1 security vulnerability.
1) Double free (CVE-ID: CVE-2023-53865)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to a double free error within the btrfs_qgroup_destroy_extent_records() function in fs/btrfs/qgroup.c. A local user can perform a denial of service (DoS) attack.
Remediation
Install update from vendor's website.
References
- https://git.kernel.org/stable/c/62dd82bc7a90b5052c062a0ad5be6d8a479a3cfb
- https://git.kernel.org/stable/c/89e994688e965813ec0a09fb30b87fb8cee06474
- https://git.kernel.org/stable/c/aa84ce8a78a1a5c10cdf9c7a5fb0c999fbc2c8d6
- https://git.kernel.org/stable/c/ae91ab710d8e309f6c9eba07ce0d9d0b5d9040f0
- https://git.kernel.org/stable/c/c9060caab4135dd660c4676d1ea33a6e0d3fc09d
- https://git.kernel.org/stable/c/d2c667cc18314c9bad3ec86ae071c0342132aa09
- https://mirrors.edge.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.188