btrfs

CVE-2026-43118 is a Linux kernel Btrfs vulnerability published on May 6, 2026, in which log replay after a crash can restore a truncated file with its old non-zero size under a specific fsync, hardlink, or rename sequence. That sounds like a narrow filesystem corner case because it is one. But...

Background A newly published Linux kernel CVE is drawing attention to a subtle but very real Btrfs failure mode: subvolumes can wind up with broken dentries, making them appear present to the VFS while behaving like dead entries underneath. In the reported scenario, ls shows a subvolume name in...

There is a reason so many Linux users stop flinching at the sight of an update prompt: filesystem snapshots turn software updates from a gamble into a reversible action. Instead of hoping a patch lands cleanly, the system can preserve a working state first and let you roll back in minutes if...

A recently disclosed robustness bug in the Linux kernel’s Btrfs implementation can trigger an assertion failure and a kernel crash when a newly created subvolume is read before the filesystem has finished the final steps of subvolume creation, producing a local-denial-of-service condition that...

Microsoft’s short MSRC line that “Azure Linux includes this open‑source library and is therefore potentially affected” is correct — but it is a product‑scoped attestation, not a universal guarantee that no other Microsoft product can contain the same vulnerable btrfs code. Treat Azure Linux as a...

Microsoft’s short advisory that “Azure Linux includes this open‑source library and is therefore potentially affected” is accurate — but it is a product‑scoped attestation, not a categorical guarantee that no other Microsoft product can carry the same vulnerable Btrfs code. Background / Overview...

A race in btrfs's space bookkeeping has been fixed upstream after discovery of a non-atomic bitfield write in btrfs_clear_space_info_full that can leave the filesystem's reclaim infrastructure in a permanently inconsistent state — tracked as CVE-2025-68358. Background Btrfs is a modern...

Microsoft’s short advisory that “Azure Linux includes this open‑source library and is therefore potentially affected” is accurate — but it is a product‑scoped attestation, not a proof that no other Microsoft product or artifact could contain the same vulnerable btrfs code. The upstream CVE...

A recently assigned CVE—CVE-2025-40303—targets a corner case in the Linux kernel’s Btrfs implementation that can cause metadata writeback to proceed on a filesystem that has already been marked “in error,” leading to queueing of new work on workqueues that have been stopped and, in certain RAID...

A subtle but important memory-safety bug in the Linux kernel’s Btrfs file-handle encoder has been fixed upstream: CVE-2025-40205 closes an out‑of‑bounds write in btrfs_encode_fh that could, in specific circumstances, write eight bytes past the user-supplied buffer. This is primarily an...

A subtle race in Btrfs ordered-extent accounting can lead to a kernel panic: CVE-2024-58089 fixes a double‑accounting race in btrfs_run_delalloc_range that, when triggered on systems where block size (4K) is smaller than page size (64K) — commonly on certain aarch64 configurations — can...

A subtle race between Btrfs readahead and RAID stripe-tree lookups can trigger a kernel BUG that crashes systems performing block-group relocation — CVE-2024-49932 fixes this by skipping readahead of the relocation inode when the filesystem is backed by a RAID stripe tree, but operators must...

Microsoft’s short advisory that “Azure Linux includes this open‑source library and is therefore potentially affected” accurately describes the inventory Microsoft has completed — but it is a product‑scoped attestation, not a categorical statement that no other Microsoft product can include the...

Microsoft’s brief advisory that “Azure Linux includes this open‑source library and is therefore potentially affected” is accurate — but it is a product‑scoped attestation, not a categorical statement that no other Microsoft product can contain the same vulnerable Btrfs code. Background /...

Short answer (TL;DR) No — Azure Linux is the only Microsoft product Microsoft has publicly attested (via its MSRC/VEX/CSAF work) to include the upstream btrfs code for CVE‑2025‑22115 so far, but that statement is a scoped inventory attestation, not a proof that no other Microsoft‑distributed...

Microsoft’s public notice that “Azure Linux includes this open‑source library and is therefore potentially affected” is accurate — and important — but it does not mean Azure Linux is the only Microsoft product that could contain the vulnerable Btrfs code. The Azure Linux attestation is a...

The Linux kernel bug tracked as CVE‑2024‑41067 — a Btrfs scrub path error that can trigger an ASSERT and host instability — has been publicly fixed upstream, and Microsoft’s published advisory names Azure Linux as a Microsoft‑branded product that includes the affected open‑source component and...

A use-after-free bug in the Btrfs filesystem implementation has been patched in the Linux kernel under CVE-2024-50217, a high-severity flaw that can be triggered by a local attacker mounting specially crafted images and that can cause a sustained or persistent denial-of-service by corrupting...

Short answer (straight to your question) No — “Azure Linux” is not provably the only Microsoft product that can contain the vulnerable btrfs code. It is the only Microsoft product Microsoft has publicly mapped and attested (via its VEX/CSAF output / Security Update Guide) to include the...

A Linux kernel bug in the Btrfs filesystem — tracked as CVE-2025-39779 — can cause write-ordering guarantees to be violated by prematurely clearing the PAGECACHE_TAG_TOWRITE tag on subpage folios, with downstream effects that include kernel assertions, crashes, and availability failures...