CVE-2025-38707

HIGH

Linux Kernel 5.15-6.16.2 - DoS via NTFS3 File Name Length Check Bypass

Title source: llm

Description

In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: Add sanity check for file name The length of the file name should be smaller than the directory entry size.

References (9)

Core 9

Core References

Third Party Advisory, Mailing List

https://lists.debian.org/debian-lts-announce/2025/10/msg00008.html

Patch

https://git.kernel.org/stable/c/bde58c1539f3ffddffc94d64007de16964e6b8eb

Patch

https://git.kernel.org/stable/c/f99eb9a641f4ef927d8724f4966dcfd1f0e9f835

Patch

https://git.kernel.org/stable/c/3572737a768dadea904ebc4eb34b6ed575bb72d9

Patch

https://git.kernel.org/stable/c/2ac47f738ddfc1957a33be163bc97ee8f78e85a6

Patch

https://git.kernel.org/stable/c/b51642fc52d1c7243a9361555d5c4b24d7569d7e

Patch

https://git.kernel.org/stable/c/27ee9a42b245efe6529e28b03453291a775cb3e4

Patch

https://git.kernel.org/stable/c/e841ecb139339602bc1853f5f09daa5d1ea920a2

Vendor Advisory

https://cert-portal.siemens.com/productcert/html/ssa-032379.html

Scores

CVSS v3 7.8

EPSS 0.0002

EPSS Percentile 6.7%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Details

Status published

Products (24)

debian/debian_linux 11.0

linux/Kernel 5.15.0 - 5.15.190linux

linux/Kernel 5.16.0 - 6.1.149linux

linux/Kernel 6.13.0 - 6.15.11linux

linux/Kernel 6.16.0 - 6.16.2linux

linux/Kernel 6.2.0 - 6.6.103linux

linux/Kernel 6.7.0 - 6.12.43linux

Linux/Linux < 5.15

Linux/Linux 4534a70b7056fd4b9a1c6db5a4ce3c98546b291e - 27ee9a42b245efe6529e28b03453291a775cb3e4

Linux/Linux 4534a70b7056fd4b9a1c6db5a4ce3c98546b291e - 2ac47f738ddfc1957a33be163bc97ee8f78e85a6

... and 14 more

Published Sep 04, 2025

Tracked Since Feb 18, 2026