Arbitrary Code Execution
kernel is vulnerable to arbitrary code execution. A user-after-free occurs in trymergefreespace in fs/btrfs/free-space-cache.c when mounting malicious btrfs filesystem image and subsequently making a syncfs system call. This could potentially lead to arbitrary code execution on the OS...