{"id":"CVE-2021-47145","details":"In the Linux kernel, the following vulnerability has been resolved:\n\nbtrfs: do not BUG_ON in link_to_fixup_dir\n\nWhile doing error injection testing I got the following panic\n\n  kernel BUG at fs/btrfs/tree-log.c:1862!\n  invalid opcode: 0000 [#1] SMP NOPTI\n  CPU: 1 PID: 7836 Comm: mount Not tainted 5.13.0-rc1+ #305\n  Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.13.0-2.fc32 04/01/2014\n  RIP: 0010:link_to_fixup_dir+0xd5/0xe0\n  RSP: 0018:ffffb5800180fa30 EFLAGS: 00010216\n  RAX: fffffffffffffffb RBX: 00000000fffffffb RCX: ffff8f595287faf0\n  RDX: ffffb5800180fa37 RSI: ffff8f5954978800 RDI: 0000000000000000\n  RBP: ffff8f5953af9450 R08: 0000000000000019 R09: 0000000000000001\n  R10: 000151f408682970 R11: 0000000120021001 R12: ffff8f5954978800\n  R13: ffff8f595287faf0 R14: ffff8f5953c77dd0 R15: 0000000000000065\n  FS:  00007fc5284c8c40(0000) GS:ffff8f59bbd00000(0000) knlGS:0000000000000000\n  CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n  CR2: 00007fc5287f47c0 CR3: 000000011275e002 CR4: 0000000000370ee0\n  Call Trace:\n   replay_one_buffer+0x409/0x470\n   ? btree_read_extent_buffer_pages+0xd0/0x110\n   walk_up_log_tree+0x157/0x1e0\n   walk_log_tree+0xa6/0x1d0\n   btrfs_recover_log_trees+0x1da/0x360\n   ? replay_one_extent+0x7b0/0x7b0\n   open_ctree+0x1486/0x1720\n   btrfs_mount_root.cold+0x12/0xea\n   ? __kmalloc_track_caller+0x12f/0x240\n   legacy_get_tree+0x24/0x40\n   vfs_get_tree+0x22/0xb0\n   vfs_kern_mount.part.0+0x71/0xb0\n   btrfs_mount+0x10d/0x380\n   ? vfs_parse_fs_string+0x4d/0x90\n   legacy_get_tree+0x24/0x40\n   vfs_get_tree+0x22/0xb0\n   path_mount+0x433/0xa10\n   __x64_sys_mount+0xe3/0x120\n   do_syscall_64+0x3d/0x80\n   entry_SYSCALL_64_after_hwframe+0x44/0xae\n\nWe can get -EIO or any number of legitimate errors from\nbtrfs_search_slot(), panicing here is not the appropriate response.  The\nerror path for this code handles errors properly, simply return the\nerror.","modified":"2026-03-15T22:00:15.972257Z","published":"2024-03-25T09:15:08.993Z","related":["SUSE-SU-2024:2493-1","SUSE-SU-2024:2561-1","SUSE-SU-2024:2901-1"],"references":[{"type":"FIX","url":"https://git.kernel.org/stable/c/0ed102453aa1cd12fefde8f6b60b9519b0b1f003"},{"type":"FIX","url":"https://git.kernel.org/stable/c/6eccfb28f8dca70c9b1b3bb3194ca54cbe73a9fa"},{"type":"FIX","url":"https://git.kernel.org/stable/c/76bfd8ac20bebeae599452a03dfc5724c0475dcf"},{"type":"FIX","url":"https://git.kernel.org/stable/c/7e13db503918820e6333811cdc6f151dcea5090a"},{"type":"FIX","url":"https://git.kernel.org/stable/c/91df99a6eb50d5a1bc70fff4a09a0b7ae6aab96d"},{"type":"FIX","url":"https://git.kernel.org/stable/c/b545442133580dcb2f2496133bf850824d41255c"},{"type":"FIX","url":"https://git.kernel.org/stable/c/e934c4ee17b33bafb0444f2f9766cda7166d3c40"},{"type":"FIX","url":"https://git.kernel.org/stable/c/0eaf383c6a4a83c09f60fd07a1bea9f1a9181611"}],"affected":[{"database_specific":{"unresolved_ranges":[{"events":[{"introduced":"0"},{"fixed":"4.4.271"}]},{"events":[{"introduced":"4.5"},{"fixed":"4.9.271"}]},{"events":[{"introduced":"4.10"},{"fixed":"4.14.235"}]},{"events":[{"introduced":"4.15"},{"fixed":"4.19.193"}]},{"events":[{"introduced":"4.20"},{"fixed":"5.4.124"}]},{"events":[{"introduced":"5.5"},{"fixed":"5.10.42"}]},{"events":[{"introduced":"5.11"},{"fixed":"5.12.9"}]},{"events":[{"introduced":"0"},{"last_affected":"5.13-rc1"}]},{"events":[{"introduced":"0"},{"last_affected":"5.13-rc2"}]}],"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2021-47145.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}]}