-
CVE-2025-40067
- EPSS 0.03%
- Veröffentlicht 28.10.2025 11:48:37
- Zuletzt bearbeitet 15.04.2026 00:35:42
- Quelle 416baaa9-dc9f-4396-8d5f-8c081f
- CVE-Watchlists
- Unerledigt
fs/ntfs3: reject index allocation if $BITMAP is empty but blocks exist
In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: reject index allocation if $BITMAP is empty but blocks exist Index allocation requires at least one bit in the $BITMAP attribute to track usage of index entries. If the bitmap is empty while index blocks are already present, this reflects on-disk corruption. syzbot triggered this condition using a malformed NTFS image. During a rename() operation involving a long filename (which spans multiple index entries), the empty bitmap allowed the name to be added without valid tracking. Subsequent deletion of the original entry failed with -ENOENT, due to unexpected index state. Reject such cases by verifying that the bitmap is not empty when index blocks exist.
Daten sind bereitgestellt durch das CVE Programm von einer CVE Numbering Authority (CNA) (Unstrukturiert).
HerstellerLinux
≫
Produkt
Linux
Default Statusunaffected
Version
b35a50d639ca5259466ef5fea85529bb4fb17d5b
Version <
978aac54e93ea35aab20b32ae393d3d33964e7ae
Status
affected
Version
3ed2cc6a6e93fbeb8c0cafce1e7fb1f64a331dcc
Version <
be66551da203862c689c12e1d35ce87217c017c1
Status
affected
Version
d99208b91933fd2a58ed9ed321af07dacd06ddc3
Version <
039ddf353cc33f6546a87ec1ac3210637d714bec
Status
affected
Version
d99208b91933fd2a58ed9ed321af07dacd06ddc3
Version <
0dc7117da8f92dd5fe077d712a756eccbe377d40
Status
affected
Version
358d4f821c03add421a4c49290538a705852ccf1
Status
affected
Version
a285395020780adac1ffbc844069c3d700bf007a
Status
affected
HerstellerLinux
≫
Produkt
Linux
Default Statusaffected
Version
6.17
Status
affected
Version
0
Version <
6.17
Status
unaffected
Version <=
6.6.*
Version
6.6.112
Status
unaffected
Version <=
6.12.*
Version
6.12.53
Status
unaffected
Version <=
6.17.*
Version
6.17.3
Status
unaffected
Version <=
*
Version
6.18
Status
unaffected
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. 
Login
Login| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.03% | 0.078 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|