CVE-2025-40067

Linux Kernel - Denial of Service via Malformed NTFS Image Index Allocation

Title source: llm
STIX 2.1

Description

In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: reject index allocation if $BITMAP is empty but blocks exist Index allocation requires at least one bit in the $BITMAP attribute to track usage of index entries. If the bitmap is empty while index blocks are already present, this reflects on-disk corruption. syzbot triggered this condition using a malformed NTFS image. During a rename() operation involving a long filename (which spans multiple index entries), the empty bitmap allowed the name to be added without valid tracking. Subsequent deletion of the original entry failed with -ENOENT, due to unexpected index state. Reject such cases by verifying that the bitmap is not empty when index blocks exist.

Scores

EPSS 0.0018
EPSS Percentile 8.1%

Details

Status published
Products (19)
linux/Kernel < 6.6.112linux
linux/Kernel 6.13.0 - 6.17.3linux
linux/Kernel 6.7.0 - 6.12.53linux
Linux/Linux < 6.17
Linux/Linux 358d4f821c03add421a4c49290538a705852ccf1
Linux/Linux 3ed2cc6a6e93fbeb8c0cafce1e7fb1f64a331dcc - be66551da203862c689c12e1d35ce87217c017c1
Linux/Linux 6.12.42 - 6.12.53
Linux/Linux 6.12.53 - 6.12.*
Linux/Linux 6.15.10 - 6.16
Linux/Linux 6.16.1 - 6.17
... and 9 more
Published Oct 28, 2025
Tracked Since Feb 18, 2026