CVE-2025-71269
Description
In the Linux kernel, the following vulnerability has been resolved:
btrfs: do not free data reservation in fallback from inline due to -ENOSPC
If we fail to create an inline extent due to -ENOSPC, we will attempt to go through the normal COW path, reserve an extent, create an ordered extent, etc. However we were always freeing the reserved qgroup data, which is wrong since we will use data. Fix this by freeing the reserved qgroup data in __cow_file_range_inline() only if we are not doing the fallback (ret is <= 0).
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
In btrfs, a qgroup data reservation is incorrectly freed when inline extent creation fails with -ENOSPC, causing resource accounting errors.
Vulnerability
In the Linux kernel's btrfs filesystem, the function __cow_file_range_inline() incorrectly frees the reserved qgroup data reservation when creating an inline extent fails with -ENOSPC and the code falls back to the normal COW path. This results in a qgroup data reservation being freed even though it will be used by the fallback path, leading to incorrect resource accounting [1].
Exploitation
An attacker with local access to a btrfs filesystem could trigger this bug by causing an -ENOSPC error during inline extent creation, for example by filling the filesystem to near capacity and then performing a write operation that attempts to create an inline extent. No special privileges are required beyond normal file write permissions.
Impact
Incorrect qgroup data reservation accounting can lead to system instability, denial of service, or possible corruption of filesystem metadata under specific conditions. The vulnerability affects qgroup tracking used for quota enforcement and space accounting in btrfs.
Mitigation
The fix is included in Linux kernel stable updates starting from commits [1], [2], [3], and [4]. Users should update their kernel to a version containing the patch. No workaround is available other than applying the kernel update.
AI Insight generated on May 18, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products
1Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
5- git.kernel.org/stable/c/0a1fbbd780f04d1b6cf48dd327c866ba937de1c4nvd
- git.kernel.org/stable/c/3a9fd45afadec1fbfec72057b9473d509fa8b68cnvd
- git.kernel.org/stable/c/3edd1f6c7c520536b62b2904807033597554dbacnvd
- git.kernel.org/stable/c/6de3a371a8b9fd095198b1aa68c22cc10a4c6961nvd
- git.kernel.org/stable/c/f8da41de0bff9eb1d774a7253da0c9f637c4470anvd
News mentions
0No linked articles in our index yet.