CVE-2025-21722: 
Linux Kernel vulnerability analysis and mitigation

CVE-2025-21722 affects the Linux kernel's NILFS2 filesystem implementation. The vulnerability was discovered in February 2025 and involves inconsistencies in buffer state management when the filesystem detects corruption and falls back to read-only mode. The issue specifically affects the nilfs2 filesystem module in the Linux kernel (Kernel Git).

The vulnerability occurs when the filesystem's page/folio write request handlers forcibly clear various states, including working states of buffers, at unexpected times during read-only fallback. This leads to two specific issues: 1) Inconsistency when calling markbufferdirty() to set data or metadata buffers as dirty while detecting the buffer is not in uptodate state, and 2) Incorrect state detection in nilfsbtreepropagate() when propagating dirty states to ancestor nodes of a b-tree (Kernel Git). The vulnerability has been assigned a CVSS v3 Base Score of 5.5 with Local attack vector and Low attack complexity (Red Hat Portal).

When exploited, this vulnerability can lead to buffer head state inconsistency issues and associated buffer head use-after-free problems when the filesystem is corrupted and falls back to read-only mode. This can potentially result in system instability and filesystem corruption (Kernel Git).

A patch has been developed and merged into the Linux kernel that checks if the buffer is referenced before clearing the page/folio state, and skips the clear operation if the buffer is in use. The fix has been confirmed effective through testing by syzbot (Kernel Git).