CVE-2025-38059

5.5 MEDIUM

📋 TL;DR

A NULL pointer dereference vulnerability in the Linux kernel's btrfs filesystem allows local attackers to crash the system when performing read-only scrubs with the rescue=idatacsums mount option. This affects Linux systems using btrfs with that specific configuration. The vulnerability requires local access to trigger.

💻 Affected Systems

Products:
  • Linux kernel
Versions: Kernel versions before the fix commits (specific versions vary by distribution)
Operating Systems: Linux distributions using btrfs filesystem
Default Config Vulnerable: ✅ No
Notes: Only vulnerable when using btrfs with rescue=idatacsums mount option and performing scrub operations.

📦 What is this software?

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

⚠️ Risk & Real-World Impact

🔴 Worst Case

Kernel panic leading to system crash and denial of service, potentially causing data loss or corruption if the crash occurs during critical operations.

🟠 Likely Case

System crash when a privileged user performs a btrfs scrub operation with rescue=idatacsums mount option, resulting in temporary denial of service.

🟢 If Mitigated

No impact if rescue=idatacsums mount option is not used or if scrub operations are avoided on affected systems.

🌐 Internet-Facing: LOW - Requires local access and specific mount option configuration.
🏢 Internal Only: MEDIUM - Local users with sufficient privileges could crash systems using vulnerable btrfs configurations.

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: NO
Unauthenticated Exploit: ✅ No
Complexity: LOW

Exploitation requires local access and ability to mount filesystems with specific options or perform scrub operations.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Kernel versions containing commits 50d0de59f66cbe6d597481e099bf1c70fd07e0a9, 6e9770de024964b1017f99ee94f71967bd6edaeb, d35bed14b0bc95c6845863a3744ecd10b888c830, or f95d186255b319c48a365d47b69bd997fecb674e

Vendor Advisory: https://git.kernel.org/stable/c/50d0de59f66cbe6d597481e099bf1c70fd07e0a9

Restart Required: Yes

Instructions:

1. Update Linux kernel to patched version from your distribution vendor.
2. Reboot system to load new kernel.

🔧 Temporary Workarounds

Avoid rescue=idatacsums mount option

linux

Do not use rescue=idatacsums mount option for btrfs filesystems.

Remove rescue=idatacsums from /etc/fstab mount options
Remount without rescue=idatacsums option

Disable scrub operations

linux

Avoid running btrfs scrub commands on affected systems.

Do not run: btrfs scrub start /mount/point
Monitor for scrub operations in cron jobs

🧯 If You Can't Patch

  • Remove rescue=idatacsums from all btrfs mount configurations
  • Restrict local user access to prevent scrub operations

🔍 How to Verify

Check if Vulnerable:

Check if rescue=idatacsums is in mount options: mount | grep btrfs | grep rescue=idatacsums

Check Version:

uname -r

Verify Fix Applied:

Check kernel version is patched: uname -r and verify with distribution security advisories
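
A fuller version of the mount-option check above, as an added example that is not part of the original advisory: it reads lines in /proc/mounts or /etc/fstab format and prints every btrfs mount point whose rescue= option enables idatacsums. It goes beyond the single grep by also matching forms that grep would miss, on the assumption (taken from the btrfs mount-option documentation, not from this page) that rescue= accepts a colon-separated list, the long alias ignoredatacsums, and all. The function name and sample lines are constructed for illustration.

```shell
#!/bin/sh
# Added example: flag btrfs mounts where rescue= turns on idatacsums.
# Input on stdin: "device mountpoint fstype options ..." lines, as found in
# /proc/mounts or /etc/fstab.

flag_idatacsums_mounts() {
    awk '
        /^[ \t]*#/     { next }    # skip fstab comment lines
        $3 != "btrfs"  { next }    # only btrfs entries are relevant
        {
            n = split($4, opts, ",")
            for (i = 1; i <= n; i++) {
                if (opts[i] !~ /^rescue=/) continue
                sub(/^rescue=/, "", opts[i])
                # Assumption: several rescue values may be joined with ":".
                m = split(opts[i], vals, ":")
                for (j = 1; j <= m; j++)
                    if (vals[j] == "idatacsums" ||
                        vals[j] == "ignoredatacsums" ||
                        vals[j] == "all") {
                        print $2    # mount point that needs attention
                        next
                    }
            }
        }
    '
}

# Constructed sample input (not taken from a real system).
SAMPLE_MOUNTS='/dev/sda1 / ext4 rw,relatime 0 0
/dev/sdb1 /data btrfs ro,relatime,rescue=idatacsums,space_cache=v2 0 0
/dev/sdc1 /backup btrfs rw,relatime,space_cache=v2 0 0
/dev/sdd1 /recover btrfs ro,rescue=nologreplay:ibadroots:idatacsums 0 0
/dev/sde1 /scratch btrfs ro,rescue=nologreplay 0 0'

check_sample() {
    printf '%s\n' "$SAMPLE_MOUNTS" | flag_idatacsums_mounts
}

check_sample
# On a live host: flag_idatacsums_mounts < /proc/mounts
#                 flag_idatacsums_mounts < /etc/fstab
```

Any mount point it prints should not be scrubbed on an unpatched kernel, per the workarounds above.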

📡 Detection & Monitoring

Log Indicators:

  • Kernel panic messages mentioning btrfs_lookup_csums_bitmap
  • System crash logs during btrfs scrub operations

Network Indicators:

  • None - local vulnerability only

SIEM Query:

Search for: 'kernel: BUG: kernel NULL pointer dereference' AND 'btrfs' AND 'scrub'
