CVE-2025-40067
Linux Kernel - Denial of Service via Malformed NTFS Image Index Allocation
Title source: llmDescription
In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: reject index allocation if $BITMAP is empty but blocks exist Index allocation requires at least one bit in the $BITMAP attribute to track usage of index entries. If the bitmap is empty while index blocks are already present, this reflects on-disk corruption. syzbot triggered this condition using a malformed NTFS image. During a rename() operation involving a long filename (which spans multiple index entries), the empty bitmap allowed the name to be added without valid tracking. Subsequent deletion of the original entry failed with -ENOENT, due to unexpected index state. Reject such cases by verifying that the bitmap is not empty when index blocks exist.
References (4)
Core 4
Core References
Scores
EPSS
0.0018
EPSS Percentile
8.1%
Details
Status
published
Products (19)
linux/Kernel
< 6.6.112linux
linux/Kernel
6.13.0 - 6.17.3linux
linux/Kernel
6.7.0 - 6.12.53linux
Linux/Linux
< 6.17
Linux/Linux
358d4f821c03add421a4c49290538a705852ccf1
Linux/Linux
3ed2cc6a6e93fbeb8c0cafce1e7fb1f64a331dcc - be66551da203862c689c12e1d35ce87217c017c1
Linux/Linux
6.12.42 - 6.12.53
Linux/Linux
6.12.53 - 6.12.*
Linux/Linux
6.15.10 - 6.16
Linux/Linux
6.16.1 - 6.17
... and 9 more
Published
Oct 28, 2025
Tracked Since
Feb 18, 2026