{"id":"CVE-2025-71295","summary":"fs/buffer: add alert in try_to_free_buffers() for folios without buffers","details":"In the Linux kernel, the following vulnerability has been resolved:\n\nfs/buffer: add alert in try_to_free_buffers() for folios without buffers\n\ntry_to_free_buffers() can be called on folios with no buffers attached\nwhen filemap_release_folio() is invoked on a folio belonging to a mapping\nwith AS_RELEASE_ALWAYS set but no release_folio operation defined.\n\nIn such cases, folio_needs_release() returns true because of the\nAS_RELEASE_ALWAYS flag, but the folio has no private buffer data. This\ncauses try_to_free_buffers() to call drop_buffers() on a folio with no\nbuffers, leading to a null pointer dereference.\n\nAdding a check in try_to_free_buffers() to return early if the folio has no\nbuffers attached, with WARN_ON_ONCE() to alert about the misconfiguration.\nThis provides defensive hardening.","modified":"2026-07-08T07:28:21.252712661Z","published":"2026-05-06T11:32:25.917Z","database_specific":{"cna_assigner":"Linux","osv_generated_from":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2025/71xxx/CVE-2025-71295.json"},"references":[{"type":"WEB","url":"https://git.kernel.org/stable/c/1b111a69a6e33a922622bf9870e4e63fb2b649c8"},{"type":"WEB","url":"https://git.kernel.org/stable/c/42c32d7571ccd8ef32351cac506f00b0fae99fd2"},{"type":"WEB","url":"https://git.kernel.org/stable/c/727e5140e0cf83b4ce6a11b89bb73bff5d96f8f3"},{"type":"WEB","url":"https://git.kernel.org/stable/c/b68f91ef3b3fe82ad78c417de71b675699a8467c"},{"type":"WEB","url":"https://git.kernel.org/stable/c/c1b6227555c52781178132b7a06466711855795c"},{"type":"WEB","url":"https://git.kernel.org/stable/c/c6246ca15999053d2632fbcc7b86e6eef7f077cb"},{"type":"ADVISORY","url":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2025/71xxx/CVE-2025-71295.json"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2025-71295"},{"type":"PACKAGE","url":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","events":[{"introduced":"d0eafc763135508be118dac208887a26c0adb74d"},{"fixed":"1b111a69a6e33a922622bf9870e4e63fb2b649c8"}]},{"type":"GIT","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","events":[{"introduced":"b4fa966f03b7401ceacd4ffd7227197afb2b8376"},{"fixed":"c1b6227555c52781178132b7a06466711855795c"},{"fixed":"727e5140e0cf83b4ce6a11b89bb73bff5d96f8f3"},{"fixed":"42c32d7571ccd8ef32351cac506f00b0fae99fd2"},{"fixed":"c6246ca15999053d2632fbcc7b86e6eef7f077cb"},{"fixed":"b68f91ef3b3fe82ad78c417de71b675699a8467c"}]},{"type":"GIT","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","events":[{"introduced":"6.1.72"},{"fixed":"6.1.165"}]}],"versions":["v6.1.164","v6.1.163","v6.1.162","v6.1.161","v6.1.160","v6.1.159","v6.1.158","v6.1.157","v6.1.156","v6.1.155","v6.1.154","v6.1.153","v6.1.152","v6.1.151","v6.1.150","v6.1.149","v6.1.148","v6.1.147","v6.1.146","v6.1.145","v6.1.144","v6.1.143","v6.1.142","v6.1.141","v6.1.140","v6.1.139","v6.1.138","v6.1.137","v6.1.136","v6.1.135","v6.1.134","v6.1.133","v6.1.132","v6.1.131","v6.1.130","v6.1.129","v6.1.128","v6.1.127","v6.1.126","v6.1.125","v6.1.124","v6.1.123","v6.1.122","v6.1.121","v6.1.120","v6.1.119","v6.1.118","v6.1.117","v6.1.116","v6.1.115","v6.1.114","v6.1.113","v6.1.112","v6.1.111","v6.1.110","v6.1.109","v6.1.108","v6.1.107","v6.1.106","v6.1.105","v6.1.104","v6.1.103","v6.1.102","v6.1.101","v6.1.100","v6.1.99","v6.1.98","v6.1.97","v6.1.96","v6.1.95","v6.1.94","v6.1.93","v6.1.92","v6.1.91","v6.1.90","v6.1.89","v6.1.88","v6.1.87","v6.1.86","v6.1.85","v6.1.84","v6.1.83","v6.1.82","v6.1.81","v6.1.80","v6.1.79","v6.1.78","v6.1.77","v6.1.76","v6.1.75","v6.1.74","v6.1.73","v6.1.72"],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2025-71295.json"}},{"package":{"name":"Kernel","ecosystem":"Linux"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"6.1.165"}]},{"type":"ECOSYSTEM","events":[{"introduced":"6.2.0"},{"fixed":"6.6.128"}]},{"type":"ECOSYSTEM","events":[{"introduced":"6.6.0"},{"fixed":"6.12.75"}]},{"type":"ECOSYSTEM","events":[{"introduced":"6.7.0"},{"fixed":"6.18.16"}]},{"type":"ECOSYSTEM","events":[{"introduced":"6.13.0"},{"fixed":"6.19.6"}]}],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2025-71295.json"}}],"schema_version":"1.7.5"}