Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1

In the Linux kernel, the following vulnerabilities have been resolved: btrfs: The page extent mapping was set after the readfolio operation in relocateonepage. One of the CI runs triggered the following panic: Assertion failed: PagePrivatepage && page-private, in fs/btrfs/subpage.c:229 ----------...

Astra Linux – Vulnerability found in Linux 5.15, Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: btrfs: The reloc control parameter is not set if the transaction commit fails in preparetorelocate. In btrfsrelocateblockgroup, the rc parameter is allocated. Then, btrfsrelocateblockgroup calls relocateblockgroup, which calls...

Astra Linux – Vulnerability found in Linux 5.15, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: btrfs: Rejects invalid reloc tree root keys with stack dump. BUG Syzbot reported a crash that an ASSERT was triggered inside preparetomerge. This ASSERT ensures that the reloc tree is properly pointed back by its subvolume tree...

CVE-2026-43046

CVE-2026-43046 affects the Linux kernel, specifically btrfs relocation logic where a non-zero drop_progress with drop_level == 0 can be observed in a read-back root_item. The root_item invariant is now validated in the tree-checker when reading from disk: if drop_progress.objectid is non-zero, dr...

CVE-2026-43046 btrfs: reject root items with drop_progress and zero drop_level

In the Linux kernel, the following vulnerability has been resolved: btrfs: reject root items with dropprogress and zero droplevel BUG When recovering relocation at mount time, mergerelocroot and btrfsdropsnapshot both use BUGONlevel == 0 to guard against an impossible state: a non-zero dropprogre...

CVE-2026-43046

In the Linux kernel, the following vulnerability has been resolved: btrfs: reject root items with dropprogress and zero droplevel BUG When recovering relocation at mount time, mergerelocroot and btrfsdropsnapshot both use BUGONlevel == 0 to guard against an impossible state: a non-zero dropprogre...

PT-2026-36463

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 7.0.0-rc2-next-20260310 Description An issue exists in the btrfs file system where the kernel fails to validate the root item invariant when reading it from disk. Specifically, if drop progress.objectid is...

Unity Linux 20.1050e / 20.1070e Security Update: kernel (UTSA-2026-011265)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-011265 advisory. In the Linux kernel, the following vulnerability has been resolved: btrfs: handle chunk tree lookup error in btrfsrelocatesyschunks The unhandled case in...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-007365)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-007365 advisory. In the Linux kernel, the following vulnerability has been resolved: btrfs: handle chunk tree lookup error in btrfsrelocatesyschunks The unhandled case in...

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-001394)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001394 advisory. An issue was discovered in the Linux kernel through 4.17.10. There is an invalid pointer dereference in delrelocroot in fs/btrfs/relocation.c when mounting a crafted...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-003216)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003216 advisory. An issue was discovered in the Linux kernel through 4.17.10. There is an invalid pointer dereference in delrelocroot in fs/btrfs/relocation.c when mounting a crafted...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-002703)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002703 advisory. An issue was discovered in the Linux kernel through 4.17.10. There is an invalid pointer dereference in delrelocroot in fs/btrfs/relocation.c when mounting a crafted...

CVE-2023-54253

In the Linux kernel, the following vulnerability has been resolved: btrfs: set page extent mapped after readfolio in relocateonepage One of the CI runs triggered the following panic assertion failed: PagePrivatepage && page-private, in fs/btrfs/subpage.c:229 ------------ cut here ------------...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2025-992613)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-992613 advisory. In the Linux kernel, the following vulnerability has been resolved: btrfs: unset reloc control if transaction commit fails in preparetorelocate In...

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-992521)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-992521 advisory. In the Linux kernel, the following vulnerability has been resolved: btrfs: unset reloc control if transaction commit fails in preparetorelocate In...

Linux Distros Unpatched Vulnerability : CVE-2022-48903

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: btrfs: fix relocation crash due to premature return from btrfscommittransaction We are seein...

SUSE CVE-2022-50067

In the Linux kernel, the following vulnerability has been resolved: btrfs: unset reloc control if transaction commit fails in preparetorelocate In btrfsrelocateblockgroup, the rc is allocated. Then btrfsrelocateblockgroup calls relocateblockgroup preparetorelocate setreloccontrol that assigns rc ...

DEBIAN-CVE-2022-50067

In the Linux kernel, the following vulnerability has been resolved: btrfs: unset reloc control if transaction commit fails in preparetorelocate In btrfsrelocateblockgroup, the rc is allocated. Then btrfsrelocateblockgroup calls relocateblockgroup preparetorelocate setreloccontrol that assigns rc ...

Vulnerability of the btrfs_update_reloc_root() function (fs/btrfs/relocation.c) in the Linux kernel, allowing a hacker to trigger a service failure

The vulnerability of the btrfsupdaterelocroot function fs/btrfs/relocation.c in the Linux kernel is related to pointer manipulation. Exploiting this vulnerability could allow an attacker to trigger a service failure...

AZL-52938 CVE-2024-49932 affecting package kernel 6.6.126.1-1

In the Linux kernel, the following vulnerability has been resolved: btrfs: don't readahead the relocation inode on RST On relocation we're doing readahead on the relocation inode, but if the filesystem is backed by a RAID stripe tree we can get ENOENT e.g. due to preallocated extents not being...