
Cloud Vulnerability DB
A community-led vulnerabilities database
CVE-2025-39835 is a vulnerability discovered in the Linux kernel's XFS filesystem implementation, specifically related to how ENODATA disk errors are handled in the xattr (extended attributes) code. The vulnerability was disclosed on September 16, 2025 (NVD).
The vulnerability exists in the XFS filesystem's handling of ENODATA (also known as ENOATTR) errors. When a medium error occurs on disk, the read may return ENODATA, which has a specific meaning in the XFS xattr code: it indicates that a requested attribute name could not be found. Because the same error code carries both meanings, disk I/O errors may be misinterpreted as 'attribute not found' errors when passed to userspace (NVD).
The vulnerability can manifest in two ways. At best, it causes disk I/O errors to be incorrectly reported to userspace as 'attribute not found' errors. At worst, it triggers a kernel oops in xfs_attr_leaf_get() due to a null pointer dereference when xfs_trans_brelse is called with a null bp pointer (NVD).
The vulnerability has been patched in various Linux distributions, including Debian's oldstable (bookworm) distribution in version 6.1.153-1. The fix involves modifying how disk errors are handled in the lower-level I/O functions to prevent unique errors from propagating incorrectly into higher XFS functions (Debian Security).
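The following is an added illustration, not kernel source and not part of the original report: a small userspace C model of the errno collision described above, showing the unpatched read path next to a hardened one. All function and type names are hypothetical, and the remap to EIO is an assumption about the shape of the fix; the report only states that the lower-level I/O functions were changed.

```c
#include <errno.h>
#include <stddef.h>
#include <stdio.h>

/* Constructed userspace model of the errno collision; every name here is
 * hypothetical and none of this is kernel source. */
struct buf { int magic; };
enum disk_state { DISK_OK, DISK_MEDIUM_ERROR };
struct result { int error; int released_null; };
typedef int (*read_fn)(enum disk_state, struct buf **);

static struct buf leaf = { 1 };

/* Unpatched lower layer: a medium error comes back as -ENODATA, no buffer. */
static int read_raw(enum disk_state st, struct buf **bpp)
{
    *bpp = (st == DISK_OK) ? &leaf : NULL;
    return (st == DISK_OK) ? 0 : -ENODATA;
}

/* Hardened lower layer (assumed fix shape): remap the ambiguous errno to
 * -EIO at the I/O boundary so it cannot be read as "not found". */
static int read_checked(enum disk_state st, struct buf **bpp)
{
    int error = read_raw(st, bpp);
    return (error == -ENODATA) ? -EIO : error;
}

/* xattr lookup: -ENODATA means "name not found", an expected outcome that
 * still releases the buffer. Other errors return before the release. */
static struct result attr_get(read_fn rd, enum disk_state st, int name_exists)
{
    struct result r = { 0, 0 };
    struct buf *bp = NULL;

    r.error = rd(st, &bp);
    if (r.error == 0 && !name_exists)
        r.error = -ENODATA;          /* genuine "attribute not found" */
    if (r.error != 0 && r.error != -ENODATA)
        return r;                    /* real I/O error: nothing to release */
    r.released_null = (bp == NULL);  /* model records the null release */
    return r;
}

int main(void)
{
    struct result v = attr_get(read_raw, DISK_MEDIUM_ERROR, 1);
    struct result h = attr_get(read_checked, DISK_MEDIUM_ERROR, 1);
    printf("unpatched: error=%d null_release=%d\n", v.error, v.released_null);
    printf("hardened:  error=%d null_release=%d\n", h.error, h.released_null);
    return 0;
}
```

In the model the null release is only recorded in a flag; in the kernel path the report describes, that release is where the oops occurs.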
Source: This report was generated using AI