CVE-2025-21679

Medium CVSS: 5.5

In the Linux kernel, the following vulnerability has been resolved:

btrfs: add the missing error handling inside get_canonical_dev_path

Inside function get_canonical_dev_path(), we call d_path() to get the
final device path.

But d_path() can return error, and in that case the next strscpy() call
will trigger an invalid memory access.

Add back the missing error handling for d_path().

Vendor

Linux

Product

Linux Kernel

CWE

NVD-CWE-noinfo

Yayın Tarihi

2025-01-31 12:15:29

Güncelleme

2025-10-15 13:39:54

Source Identifier

416baaa9-dc9f-4396-8d5f-8c081fb06d67

KEV Date Added

Kategoriler

NVD-CWE-noinfo Linux Kernel MEDIUM Linux 2025

Referanslar

https://git.kernel.org/stable/c/d0fb5741932b831eded49bfaaf33353e96200d6d https://git.kernel.org/stable/c/fe4de594f7a2e9bc49407de60fbd20809fad4192

Benzer Kayıtlar

Medium

CVE-2026-23238

In the Linux kernel, the following vulnerability has been resolved: romfs: check sb_set_blocksize() return value romfs…

Medium

CVE-2026-23237

In the Linux kernel, the following vulnerability has been resolved: platform/x86: classmate-laptop: Add missing NULL po…

High

CVE-2026-23236

In the Linux kernel, the following vulnerability has been resolved: fbdev: smscufx: properly copy ioctl memory to kerne…

High

CVE-2026-23235

In the Linux kernel, the following vulnerability has been resolved: f2fs: fix out-of-bounds access in sysfs attribute r…

High

CVE-2026-23234

In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to avoid UAF in f2fs_write_end_io() As s…

High

CVE-2026-23233

In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to avoid mapping wrong physical block for…