CVE-2021-47145: Vulnerability in Linux Linux
In the Linux kernel, the following vulnerability has been resolved: btrfs: do not BUG_ON in link_to_fixup_dir While doing error injection testing I got the following panic kernel BUG at fs/btrfs/tree-log.c:1862! invalid opcode: 0000 [#1] SMP NOPTI CPU: 1 PID: 7836 Comm: mount Not tainted 5.13.0-rc1+ #305 Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.13.0-2.fc32 04/01/2014 RIP: 0010:link_to_fixup_dir+0xd5/0xe0 RSP: 0018:ffffb5800180fa30 EFLAGS: 00010216 RAX: fffffffffffffffb RBX: 00000000fffffffb RCX: ffff8f595287faf0 RDX: ffffb5800180fa37 RSI: ffff8f5954978800 RDI: 0000000000000000 RBP: ffff8f5953af9450 R08: 0000000000000019 R09: 0000000000000001 R10: 000151f408682970 R11: 0000000120021001 R12: ffff8f5954978800 R13: ffff8f595287faf0 R14: ffff8f5953c77dd0 R15: 0000000000000065 FS: 00007fc5284c8c40(0000) GS:ffff8f59bbd00000(0000) knlGS:0000000000000000 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: 00007fc5287f47c0 CR3: 000000011275e002 CR4: 0000000000370ee0 Call Trace: replay_one_buffer+0x409/0x470 ? btree_read_extent_buffer_pages+0xd0/0x110 walk_up_log_tree+0x157/0x1e0 walk_log_tree+0xa6/0x1d0 btrfs_recover_log_trees+0x1da/0x360 ? replay_one_extent+0x7b0/0x7b0 open_ctree+0x1486/0x1720 btrfs_mount_root.cold+0x12/0xea ? __kmalloc_track_caller+0x12f/0x240 legacy_get_tree+0x24/0x40 vfs_get_tree+0x22/0xb0 vfs_kern_mount.part.0+0x71/0xb0 btrfs_mount+0x10d/0x380 ? vfs_parse_fs_string+0x4d/0x90 legacy_get_tree+0x24/0x40 vfs_get_tree+0x22/0xb0 path_mount+0x433/0xa10 __x64_sys_mount+0xe3/0x120 do_syscall_64+0x3d/0x80 entry_SYSCALL_64_after_hwframe+0x44/0xae We can get -EIO or any number of legitimate errors from btrfs_search_slot(), panicing here is not the appropriate response. The error path for this code handles errors properly, simply return the error.
AI Analysis
Technical Summary
CVE-2021-47145 is a vulnerability identified in the Linux kernel specifically affecting the Btrfs (B-tree file system) implementation. The issue arises from improper handling of error conditions in the function link_to_fixup_dir within the Btrfs codebase. During error injection testing, it was observed that the kernel would trigger a BUG_ON panic when encountering certain error codes returned by btrfs_search_slot(), such as -EIO (Input/Output error). This panic leads to a kernel crash, which is an inappropriate response since the error path is designed to handle such errors gracefully by returning the error code instead of panicking. The root cause is that the code does not properly handle legitimate error returns and instead triggers a kernel BUG, causing a system crash. The stack trace provided shows the panic occurs during the mounting process of a Btrfs filesystem, specifically when replaying log trees and recovering the filesystem state. This vulnerability affects Linux kernel versions containing the specified commit hashes prior to the fix. Although no CVSS score has been assigned, the vulnerability is significant because it can cause a denial of service (DoS) by crashing the kernel when mounting or accessing Btrfs filesystems under certain error conditions. There is no indication that this vulnerability allows privilege escalation or arbitrary code execution, but the forced kernel panic can disrupt system availability. No known exploits are reported in the wild as of the publication date. The fix involves modifying the code to avoid BUG_ON panics and instead return appropriate error codes, allowing the filesystem to handle errors without crashing the kernel.
Potential Impact
For European organizations, the impact of CVE-2021-47145 primarily concerns system availability and operational continuity. Organizations using Linux systems with Btrfs filesystems—common in servers, storage appliances, and some enterprise environments—may experience unexpected kernel panics leading to system crashes during filesystem mount operations or error recovery scenarios. This can result in downtime, potential data unavailability, and disruption of critical services. While this vulnerability does not appear to compromise confidentiality or integrity directly, the denial of service effect can impact business operations, especially in environments relying on Btrfs for data storage or backup solutions. Systems running containerized workloads or virtual machines on Linux hosts with Btrfs may also be affected, potentially causing broader service interruptions. Given that Btrfs is increasingly used in enterprise Linux distributions and some cloud environments, the vulnerability could affect a range of infrastructure components. The absence of known exploits reduces immediate risk, but unpatched systems remain vulnerable to accidental or maliciously triggered kernel panics. European organizations with strict uptime requirements or those operating critical infrastructure should prioritize addressing this issue to maintain system stability.
Mitigation Recommendations
To mitigate CVE-2021-47145, European organizations should: 1) Apply the latest Linux kernel updates that include the patch fixing the improper BUG_ON panic in the Btrfs code. This is the most effective mitigation as it directly addresses the root cause. 2) Review and monitor systems using Btrfs filesystems for kernel panic logs or mount failures indicative of this issue. 3) Where possible, consider temporarily avoiding the use of Btrfs for critical systems until patched, or use alternative stable filesystems like ext4 or XFS if operationally feasible. 4) Implement robust backup and recovery procedures to minimize data loss risk in case of unexpected crashes. 5) Test kernel updates in staging environments to ensure compatibility and stability before deployment in production. 6) For environments using container or virtualization platforms relying on Btrfs, coordinate with platform vendors to ensure updated kernels are deployed. 7) Employ monitoring and alerting for kernel panics and filesystem errors to enable rapid incident response. These steps go beyond generic advice by focusing on filesystem-specific considerations and operational continuity.
Affected Countries
Germany, France, United Kingdom, Netherlands, Sweden, Finland, Poland, Italy, Spain
CVE-2021-47145: Vulnerability in Linux Linux
Description
In the Linux kernel, the following vulnerability has been resolved: btrfs: do not BUG_ON in link_to_fixup_dir While doing error injection testing I got the following panic kernel BUG at fs/btrfs/tree-log.c:1862! invalid opcode: 0000 [#1] SMP NOPTI CPU: 1 PID: 7836 Comm: mount Not tainted 5.13.0-rc1+ #305 Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.13.0-2.fc32 04/01/2014 RIP: 0010:link_to_fixup_dir+0xd5/0xe0 RSP: 0018:ffffb5800180fa30 EFLAGS: 00010216 RAX: fffffffffffffffb RBX: 00000000fffffffb RCX: ffff8f595287faf0 RDX: ffffb5800180fa37 RSI: ffff8f5954978800 RDI: 0000000000000000 RBP: ffff8f5953af9450 R08: 0000000000000019 R09: 0000000000000001 R10: 000151f408682970 R11: 0000000120021001 R12: ffff8f5954978800 R13: ffff8f595287faf0 R14: ffff8f5953c77dd0 R15: 0000000000000065 FS: 00007fc5284c8c40(0000) GS:ffff8f59bbd00000(0000) knlGS:0000000000000000 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: 00007fc5287f47c0 CR3: 000000011275e002 CR4: 0000000000370ee0 Call Trace: replay_one_buffer+0x409/0x470 ? btree_read_extent_buffer_pages+0xd0/0x110 walk_up_log_tree+0x157/0x1e0 walk_log_tree+0xa6/0x1d0 btrfs_recover_log_trees+0x1da/0x360 ? replay_one_extent+0x7b0/0x7b0 open_ctree+0x1486/0x1720 btrfs_mount_root.cold+0x12/0xea ? __kmalloc_track_caller+0x12f/0x240 legacy_get_tree+0x24/0x40 vfs_get_tree+0x22/0xb0 vfs_kern_mount.part.0+0x71/0xb0 btrfs_mount+0x10d/0x380 ? vfs_parse_fs_string+0x4d/0x90 legacy_get_tree+0x24/0x40 vfs_get_tree+0x22/0xb0 path_mount+0x433/0xa10 __x64_sys_mount+0xe3/0x120 do_syscall_64+0x3d/0x80 entry_SYSCALL_64_after_hwframe+0x44/0xae We can get -EIO or any number of legitimate errors from btrfs_search_slot(), panicing here is not the appropriate response. The error path for this code handles errors properly, simply return the error.
AI-Powered Analysis
Technical Analysis
CVE-2021-47145 is a vulnerability identified in the Linux kernel specifically affecting the Btrfs (B-tree file system) implementation. The issue arises from improper handling of error conditions in the function link_to_fixup_dir within the Btrfs codebase. During error injection testing, it was observed that the kernel would trigger a BUG_ON panic when encountering certain error codes returned by btrfs_search_slot(), such as -EIO (Input/Output error). This panic leads to a kernel crash, which is an inappropriate response since the error path is designed to handle such errors gracefully by returning the error code instead of panicking. The root cause is that the code does not properly handle legitimate error returns and instead triggers a kernel BUG, causing a system crash. The stack trace provided shows the panic occurs during the mounting process of a Btrfs filesystem, specifically when replaying log trees and recovering the filesystem state. This vulnerability affects Linux kernel versions containing the specified commit hashes prior to the fix. Although no CVSS score has been assigned, the vulnerability is significant because it can cause a denial of service (DoS) by crashing the kernel when mounting or accessing Btrfs filesystems under certain error conditions. There is no indication that this vulnerability allows privilege escalation or arbitrary code execution, but the forced kernel panic can disrupt system availability. No known exploits are reported in the wild as of the publication date. The fix involves modifying the code to avoid BUG_ON panics and instead return appropriate error codes, allowing the filesystem to handle errors without crashing the kernel.
Potential Impact
For European organizations, the impact of CVE-2021-47145 primarily concerns system availability and operational continuity. Organizations using Linux systems with Btrfs filesystems—common in servers, storage appliances, and some enterprise environments—may experience unexpected kernel panics leading to system crashes during filesystem mount operations or error recovery scenarios. This can result in downtime, potential data unavailability, and disruption of critical services. While this vulnerability does not appear to compromise confidentiality or integrity directly, the denial of service effect can impact business operations, especially in environments relying on Btrfs for data storage or backup solutions. Systems running containerized workloads or virtual machines on Linux hosts with Btrfs may also be affected, potentially causing broader service interruptions. Given that Btrfs is increasingly used in enterprise Linux distributions and some cloud environments, the vulnerability could affect a range of infrastructure components. The absence of known exploits reduces immediate risk, but unpatched systems remain vulnerable to accidental or maliciously triggered kernel panics. European organizations with strict uptime requirements or those operating critical infrastructure should prioritize addressing this issue to maintain system stability.
Mitigation Recommendations
To mitigate CVE-2021-47145, European organizations should: 1) Apply the latest Linux kernel updates that include the patch fixing the improper BUG_ON panic in the Btrfs code. This is the most effective mitigation as it directly addresses the root cause. 2) Review and monitor systems using Btrfs filesystems for kernel panic logs or mount failures indicative of this issue. 3) Where possible, consider temporarily avoiding the use of Btrfs for critical systems until patched, or use alternative stable filesystems like ext4 or XFS if operationally feasible. 4) Implement robust backup and recovery procedures to minimize data loss risk in case of unexpected crashes. 5) Test kernel updates in staging environments to ensure compatibility and stability before deployment in production. 6) For environments using container or virtualization platforms relying on Btrfs, coordinate with platform vendors to ensure updated kernels are deployed. 7) Employ monitoring and alerting for kernel panics and filesystem errors to enable rapid incident response. These steps go beyond generic advice by focusing on filesystem-specific considerations and operational continuity.
Affected Countries
For access to advanced analysis and higher rate limits, contact root@offseq.com
Technical Details
- Data Version
- 5.1
- Assigner Short Name
- Linux
- Date Reserved
- 2024-03-04T18:12:48.845Z
- Cisa Enriched
- true
- Cvss Version
- null
- State
- PUBLISHED
Threat ID: 682d9834c4522896dcbe9e93
Added to database: 5/21/2025, 9:09:08 AM
Last enriched: 6/26/2025, 7:35:45 PM
Last updated: 8/9/2025, 6:26:21 PM
Views: 15
Related Threats
CVE-2025-8982: SQL Injection in itsourcecode Online Tour and Travel Management System
MediumCVE-2025-8981: SQL Injection in itsourcecode Online Tour and Travel Management System
MediumCVE-2025-50862: n/a
MediumCVE-2025-50861: n/a
HighCVE-2025-8978: Insufficient Verification of Data Authenticity in D-Link DIR-619L
HighActions
Updates to AI analysis are available only with a Pro account. Contact root@offseq.com for access.
External Links
Need enhanced features?
Contact root@offseq.com for Pro access with improved analysis and higher rate limits.