CVE-2025-71184

MEDIUM

Linux Kernel - NULL Pointer Dereference in btrfs_evict_inode

Title source: llm

Description

In the Linux kernel, the following vulnerability has been resolved: btrfs: fix NULL dereference on root when tracing inode eviction When evicting an inode the first thing we do is to setup tracing for it, which implies fetching the root's id. But in btrfs_evict_inode() the root might be NULL, as implied in the next check that we do in btrfs_evict_inode(). Hence, we either should set the ->root_objectid to 0 in case the root is NULL, or we move tracing setup after checking that the root is not NULL. Setting the rootid to 0 at least gives us the possibility to trace this call even in the case when the root is NULL, so that's the solution taken here.

References (4)

Core 4

Core References

https://git.kernel.org/stable/c/64d8abd8c5305795a2b35fc96039d99d34f5e762

Patch

https://git.kernel.org/stable/c/582ba48e4a4c06fef6bdcf4e57b7b9af660bbd0c

Patch

https://git.kernel.org/stable/c/99e057f3d3ef24b99a7b1d84e01dd1bd890098da

Patch

https://git.kernel.org/stable/c/f157dd661339fc6f5f2b574fe2429c43bd309534

Scores

CVSS v3 5.5

EPSS 0.0002

EPSS Percentile 4.5%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Details

CWE

CWE-476

Status published

Products (17)

linux/Kernel 2.6.39 - 6.12.66linux

linux/Kernel 2.6.39 - 6.6.130linux

linux/Kernel 6.13.0 - 6.18.6linux

linux/Kernel 6.7.0 - 6.12.66linux

Linux/Linux < 2.6.39

Linux/Linux 1abe9b8a138c9988ba8f7bfded6453649a31541f - 582ba48e4a4c06fef6bdcf4e57b7b9af660bbd0c

Linux/Linux 1abe9b8a138c9988ba8f7bfded6453649a31541f - 64d8abd8c5305795a2b35fc96039d99d34f5e762

Linux/Linux 1abe9b8a138c9988ba8f7bfded6453649a31541f - 99e057f3d3ef24b99a7b1d84e01dd1bd890098da

Linux/Linux 1abe9b8a138c9988ba8f7bfded6453649a31541f - f157dd661339fc6f5f2b574fe2429c43bd309534

Linux/Linux 2.6.39

... and 7 more

Published Jan 31, 2026

Tracked Since Feb 18, 2026