CVE-2025-40313

Linux Kernel 5.15.0-6.17.7 - DoS via NTFS3 $Extend Record Handling

Title source: llm

Description

In the Linux kernel, the following vulnerability has been resolved: ntfs3: pretend $Extend records as regular files Since commit af153bb63a33 ("vfs: catch invalid modes in may_open()") requires any inode be one of S_IFDIR/S_IFLNK/S_IFREG/S_IFCHR/S_IFBLK/ S_IFIFO/S_IFSOCK type, use S_IFREG for $Extend records.

References (6)

Core 6

Core References

Patch

https://git.kernel.org/stable/c/63eb6730ce0604d3eacf036c2f68ea70b068317c

Patch

https://git.kernel.org/stable/c/78d46f5276ed3589aaaa435580068c5b62efc921

Patch

https://git.kernel.org/stable/c/17249b2a65274f73ed68bcd1604e08a60fd8a278

Patch

https://git.kernel.org/stable/c/37f65e68ba9852dc51c78dbb54a9881c3f0fe4f7

Patch

https://git.kernel.org/stable/c/57534db1bbc4ca772393bb7d92e69d5e7b9051cf

Patch

https://git.kernel.org/stable/c/4e8011ffec79717e5fdac43a7e79faf811a384b7

Scores

EPSS 0.0006

EPSS Percentile 18.3%

Details

Status published

Products (19)

linux/Kernel 5.15.0 - 5.15.197linux

linux/Kernel 5.16.0 - 6.1.159linux

linux/Kernel 6.13.0 - 6.17.8linux

linux/Kernel 6.2.0 - 6.6.117linux

linux/Kernel 6.7.0 - 6.12.58linux

Linux/Linux < 5.15

Linux/Linux 4534a70b7056fd4b9a1c6db5a4ce3c98546b291e - 17249b2a65274f73ed68bcd1604e08a60fd8a278

Linux/Linux 4534a70b7056fd4b9a1c6db5a4ce3c98546b291e - 37f65e68ba9852dc51c78dbb54a9881c3f0fe4f7

Linux/Linux 4534a70b7056fd4b9a1c6db5a4ce3c98546b291e - 4e8011ffec79717e5fdac43a7e79faf811a384b7

Linux/Linux 4534a70b7056fd4b9a1c6db5a4ce3c98546b291e - 57534db1bbc4ca772393bb7d92e69d5e7b9051cf

... and 9 more

Published Dec 08, 2025

Tracked Since Feb 18, 2026