cve 2025 40205

CVE-2025-40205 is a Linux kernel vulnerability in the Btrfs file-handle encoder that causes an out-of-bounds write in btrfs_encode_fh. Under specific conditions, the function can write eight bytes past the user-supplied buffer, posing a memory-corruption and availability risk in local file-system contexts. The root cause is a size mismatch between what the function advertises and what it actually writes. Upstream patches have been released, and distributors are rolling fixes into kernel packages. This tag covers discussions about the vulnerability, its technical details, and remediation steps for affected systems.