CVE-2025-39884: 
Linux Kernel vulnerability analysis and mitigation

CVE-2025-39884 is a vulnerability discovered in the Linux kernel affecting the btrfs filesystem. The issue was disclosed on September 23, 2025, and involves a race condition between inode eviction and inode caching that can cause a live struct btrfs_inode to be missing from the root->inodes xarray (NVD CVE).

The vulnerability stems from a race condition that occurs during inode management in the btrfs filesystem. Specifically, there is a window during evict() between the inode being unhashed and deleted from the xarray. If btrfsiget() is called for the same inode in that window, it will be recreated and inserted into the xarray, but then eviction will delete the new entry, leaving nothing in the xarray. This can lead to issues with subvolume deletion, particularly when an inode is in a lost state and all other inodes are evicted, causing btrfsdelinodefromroot() to call btrfsadddeadroot() prematurely (NVD CVE).

The vulnerability manifests as soft lockups in production environments. If a lost inode has a delayednode attached to it, when btrfscleanonedeletedsnapshot() calls btrfskillalldelayednodes(), it will loop forever because the delayednodes xarray will never become empty, unless memory pressure forces the inode out (NVD CVE).

The issue has been fixed by modifying the code to only delete the xarray entry if it matches the given inode using _xacmpxchg(). Various Linux distributions have released patches, with Debian providing fixes in versions 6.12.48-1 for trixie and 6.16.8-1 for sid (Debian Security).