Impact
A defect in the Linux kernel’s btrfs subsystem causes dirty extent buffers to be released even when a write operation fails. This leaves unsubmitted buffers in the dirty_pages tree, and subsequent cleanup attempts free buffers that were never written, triggering cascading kernel warnings and forcing the filesystem into a read‑only state. The impact is loss of write progress, potential data corruption on unmount, and degraded reliability of the btrfs filesystem, but it does not provide an explicit remote code execution path.
Affected Systems
The issue affects Linux kernel builds that compile the btrfs filesystem, including custom kernels such as the 7.1.0‑rc1-custom+ version referenced by the patch series. Any deployment using btrfs without the patch commit 4066c55e109475a06d18a1f127c939d551211956 applied may experience the described warnings and errors when unmounting or performing intensive write workloads.
Risk and Exploitability
Based on the description, the likely attack vector is local interaction with an affected btrfs filesystem; no remote exploitation path is documented. The CVSS score of 7.5 indicates high severity, but the EPSS score is reported as < 1%, placing it in a very low but nonzero exploitation probability. The vulnerability is not listed in CISA’s KEV catalog, further suggesting a limited exploitation likelihood. Consequently, the risk is principally data integrity and availability rather than privilege escalation.
OpenCVE Enrichment