{"api_version":"1","generated_at":"2026-04-11T20:40:08+00:00","cve":"CVE-2025-71269","urls":{"html":"https://cve.report/CVE-2025-71269","api":"https://cve.report/api/cve/CVE-2025-71269.json","docs":"https://cve.report/api","cve_org":"https://www.cve.org/CVERecord?id=CVE-2025-71269","nvd":"https://nvd.nist.gov/vuln/detail/CVE-2025-71269"},"summary":{"title":"btrfs: do not free data reservation in fallback from inline due to -ENOSPC","description":"In the Linux kernel, the following vulnerability has been resolved:\n\nbtrfs: do not free data reservation in fallback from inline due to -ENOSPC\n\nIf we fail to create an inline extent due to -ENOSPC, we will attempt to\ngo through the normal COW path, reserve an extent, create an ordered\nextent, etc. However we were always freeing the reserved qgroup data,\nwhich is wrong since we will use data. Fix this by freeing the reserved\nqgroup data in __cow_file_range_inline() only if we are not doing the\nfallback (ret is <= 0).","state":"PUBLISHED","assigner":"Linux","published_at":"2026-03-18 18:16:22","updated_at":"2026-04-11 13:16:36"},"problem_types":[],"metrics":[],"references":[{"url":"https://git.kernel.org/stable/c/f8da41de0bff9eb1d774a7253da0c9f637c4470a","name":"https://git.kernel.org/stable/c/f8da41de0bff9eb1d774a7253da0c9f637c4470a","refsource":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":[],"title":"","mime":"","httpstatus":"","archivestatus":"0"},{"url":"https://git.kernel.org/stable/c/3a9fd45afadec1fbfec72057b9473d509fa8b68c","name":"https://git.kernel.org/stable/c/3a9fd45afadec1fbfec72057b9473d509fa8b68c","refsource":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":[],"title":"","mime":"","httpstatus":"","archivestatus":"0"},{"url":"https://git.kernel.org/stable/c/0a1fbbd780f04d1b6cf48dd327c866ba937de1c4","name":"https://git.kernel.org/stable/c/0a1fbbd780f04d1b6cf48dd327c866ba937de1c4","refsource":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":[],"title":"","mime":"","httpstatus":"","archivestatus":"0"},{"url":"https://git.kernel.org/stable/c/6de3a371a8b9fd095198b1aa68c22cc10a4c6961","name":"https://git.kernel.org/stable/c/6de3a371a8b9fd095198b1aa68c22cc10a4c6961","refsource":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":[],"title":"","mime":"","httpstatus":"","archivestatus":"0"},{"url":"https://git.kernel.org/stable/c/3edd1f6c7c520536b62b2904807033597554dbac","name":"https://git.kernel.org/stable/c/3edd1f6c7c520536b62b2904807033597554dbac","refsource":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":[],"title":"","mime":"","httpstatus":"","archivestatus":"0"},{"url":"https://www.cve.org/CVERecord?id=CVE-2025-71269","name":"CVE Program record","refsource":"CVE.ORG","tags":["canonical"]},{"url":"https://nvd.nist.gov/vuln/detail/CVE-2025-71269","name":"NVD vulnerability detail","refsource":"NVD","tags":["canonical","analysis"]}],"affected":[{"source":"CNA","vendor":"Linux","product":"Linux","version":"affected 94ed938aba557aa798acf496f09afb289b619fcd 3edd1f6c7c520536b62b2904807033597554dbac git","platforms":[]},{"source":"CNA","vendor":"Linux","product":"Linux","version":"affected 94ed938aba557aa798acf496f09afb289b619fcd 3a9fd45afadec1fbfec72057b9473d509fa8b68c git","platforms":[]},{"source":"CNA","vendor":"Linux","product":"Linux","version":"affected 94ed938aba557aa798acf496f09afb289b619fcd 0a1fbbd780f04d1b6cf48dd327c866ba937de1c4 git","platforms":[]},{"source":"CNA","vendor":"Linux","product":"Linux","version":"affected 94ed938aba557aa798acf496f09afb289b619fcd 6de3a371a8b9fd095198b1aa68c22cc10a4c6961 git","platforms":[]},{"source":"CNA","vendor":"Linux","product":"Linux","version":"affected 94ed938aba557aa798acf496f09afb289b619fcd f8da41de0bff9eb1d774a7253da0c9f637c4470a git","platforms":[]},{"source":"CNA","vendor":"Linux","product":"Linux","version":"affected 4.4","platforms":[]},{"source":"CNA","vendor":"Linux","product":"Linux","version":"unaffected 4.4 semver","platforms":[]},{"source":"CNA","vendor":"Linux","product":"Linux","version":"unaffected 6.1.168 6.1.* semver","platforms":[]},{"source":"CNA","vendor":"Linux","product":"Linux","version":"unaffected 6.6.134 6.6.* semver","platforms":[]},{"source":"CNA","vendor":"Linux","product":"Linux","version":"unaffected 6.12.81 6.12.* semver","platforms":[]},{"source":"CNA","vendor":"Linux","product":"Linux","version":"unaffected 6.18.10 6.18.* semver","platforms":[]},{"source":"CNA","vendor":"Linux","product":"Linux","version":"unaffected 6.19 * original_commit_for_fix","platforms":[]}],"timeline":[],"solutions":[],"workarounds":[],"exploits":[],"credits":[],"nvd_cpes":[],"vendor_comments":[],"enrichments":{"kev":null,"epss":null,"legacy_qids":[]},"source_records":{"cve_program":{"containers":{"cna":{"affected":[{"defaultStatus":"unaffected","product":"Linux","programFiles":["fs/btrfs/inode.c"],"repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","vendor":"Linux","versions":[{"lessThan":"3edd1f6c7c520536b62b2904807033597554dbac","status":"affected","version":"94ed938aba557aa798acf496f09afb289b619fcd","versionType":"git"},{"lessThan":"3a9fd45afadec1fbfec72057b9473d509fa8b68c","status":"affected","version":"94ed938aba557aa798acf496f09afb289b619fcd","versionType":"git"},{"lessThan":"0a1fbbd780f04d1b6cf48dd327c866ba937de1c4","status":"affected","version":"94ed938aba557aa798acf496f09afb289b619fcd","versionType":"git"},{"lessThan":"6de3a371a8b9fd095198b1aa68c22cc10a4c6961","status":"affected","version":"94ed938aba557aa798acf496f09afb289b619fcd","versionType":"git"},{"lessThan":"f8da41de0bff9eb1d774a7253da0c9f637c4470a","status":"affected","version":"94ed938aba557aa798acf496f09afb289b619fcd","versionType":"git"}]},{"defaultStatus":"affected","product":"Linux","programFiles":["fs/btrfs/inode.c"],"repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","vendor":"Linux","versions":[{"status":"affected","version":"4.4"},{"lessThan":"4.4","status":"unaffected","version":"0","versionType":"semver"},{"lessThanOrEqual":"6.1.*","status":"unaffected","version":"6.1.168","versionType":"semver"},{"lessThanOrEqual":"6.6.*","status":"unaffected","version":"6.6.134","versionType":"semver"},{"lessThanOrEqual":"6.12.*","status":"unaffected","version":"6.12.81","versionType":"semver"},{"lessThanOrEqual":"6.18.*","status":"unaffected","version":"6.18.10","versionType":"semver"},{"lessThanOrEqual":"*","status":"unaffected","version":"6.19","versionType":"original_commit_for_fix"}]}],"cpeApplicability":[{"nodes":[{"cpeMatch":[{"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionEndExcluding":"6.1.168","versionStartIncluding":"4.4","vulnerable":true},{"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionEndExcluding":"6.6.134","versionStartIncluding":"4.4","vulnerable":true},{"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionEndExcluding":"6.12.81","versionStartIncluding":"4.4","vulnerable":true},{"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionEndExcluding":"6.18.10","versionStartIncluding":"4.4","vulnerable":true},{"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionEndExcluding":"6.19","versionStartIncluding":"4.4","vulnerable":true}],"negate":false,"operator":"OR"}]}],"descriptions":[{"lang":"en","value":"In the Linux kernel, the following vulnerability has been resolved:\n\nbtrfs: do not free data reservation in fallback from inline due to -ENOSPC\n\nIf we fail to create an inline extent due to -ENOSPC, we will attempt to\ngo through the normal COW path, reserve an extent, create an ordered\nextent, etc. However we were always freeing the reserved qgroup data,\nwhich is wrong since we will use data. Fix this by freeing the reserved\nqgroup data in __cow_file_range_inline() only if we are not doing the\nfallback (ret is <= 0)."}],"providerMetadata":{"dateUpdated":"2026-04-11T12:45:43.200Z","orgId":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","shortName":"Linux"},"references":[{"url":"https://git.kernel.org/stable/c/3edd1f6c7c520536b62b2904807033597554dbac"},{"url":"https://git.kernel.org/stable/c/3a9fd45afadec1fbfec72057b9473d509fa8b68c"},{"url":"https://git.kernel.org/stable/c/0a1fbbd780f04d1b6cf48dd327c866ba937de1c4"},{"url":"https://git.kernel.org/stable/c/6de3a371a8b9fd095198b1aa68c22cc10a4c6961"},{"url":"https://git.kernel.org/stable/c/f8da41de0bff9eb1d774a7253da0c9f637c4470a"}],"title":"btrfs: do not free data reservation in fallback from inline due to -ENOSPC","x_generator":{"engine":"bippy-1.2.0"}}},"cveMetadata":{"assignerOrgId":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","assignerShortName":"Linux","cveId":"CVE-2025-71269","datePublished":"2026-03-18T17:40:58.949Z","dateReserved":"2026-03-17T09:08:18.457Z","dateUpdated":"2026-04-11T12:45:43.200Z","state":"PUBLISHED"},"dataType":"CVE_RECORD","dataVersion":"5.2"},"nvd":{"publishedDate":"2026-03-18 18:16:22","lastModifiedDate":"2026-04-11 13:16:36","problem_types":[],"metrics":[],"configurations":[]},"legacy_mitre":{"record":{"CveYear":"2025","CveId":"71269","Ordinal":"1","Title":"btrfs: do not free data reservation in fallback from inline due ","CVE":"CVE-2025-71269","Year":"2025"},"notes":[{"CveYear":"2025","CveId":"71269","Ordinal":"1","NoteData":"In the Linux kernel, the following vulnerability has been resolved:\n\nbtrfs: do not free data reservation in fallback from inline due to -ENOSPC\n\nIf we fail to create an inline extent due to -ENOSPC, we will attempt to\ngo through the normal COW path, reserve an extent, create an ordered\nextent, etc. However we were always freeing the reserved qgroup data,\nwhich is wrong since we will use data. Fix this by freeing the reserved\nqgroup data in __cow_file_range_inline() only if we are not doing the\nfallback (ret is <= 0).","Type":"Description","Title":"btrfs: do not free data reservation in fallback from inline due "}]}}}