CVE Daily

CVE-2025-21679

In the Linux kernel, the following vulnerability has been resolved: btrfs: add ...

Unknown CVSS N/A

Overview

In the Linux kernel, the following vulnerability has been resolved:

btrfs: add the missing error handling inside get_canonical_dev_path

Inside function get_canonical_dev_path(), we call d_path() to get the
final device path.

But d_path() can return error, and in that case the next strscpy() call
will trigger an invalid memory access.

Add back the missing error handling for d_path().

CWE: N/A Published: 2025-01-31T12:15:29.070
Risk analysis

This vulnerability is rated ⚪ UNKNOWN.

  • CVSS: N/A
  • Detected tags: none (tag impact: LOW)

Recommended actions:

  • Prioritize remediation based on business criticality and exposure.
  • Limit exposure and increase monitoring until fixed.

Recommended tools

Tags