Medium severity5.5NVD Advisory· Published Jan 31, 2025· Updated Jun 17, 2026
CVE-2025-21679
CVE-2025-21679
Description
In the Linux kernel, the following vulnerability has been resolved:
btrfs: add the missing error handling inside get_canonical_dev_path
Inside function get_canonical_dev_path(), we call d_path() to get the final device path.
But d_path() can return error, and in that case the next strscpy() call will trigger an invalid memory access.
Add back the missing error handling for d_path().
Affected products
3Patches
Vulnerability mechanics
References
2News mentions
0No linked articles in our index yet.