CVE-2025-68369

EPSS 0.07%
Veröffentlicht 24.12.2025 10:32:55
Zuletzt bearbeitet 15.04.2026 00:35:42
Quelle 416baaa9-dc9f-4396-8d5f-8c081f
CVE-Watchlists
Login
Unerledigt
Login

ntfs3: init run lock for extend inode

In the Linux kernel, the following vulnerability has been resolved:

ntfs3: init run lock for extend inode

After setting the inode mode of $Extend to a regular file, executing the
truncate system call will enter the do_truncate() routine, causing the
run_lock uninitialized error reported by syzbot.

Prior to patch 4e8011ffec79, if the inode mode of $Extend was not set to
a regular file, the do_truncate() routine would not be entered.

Add the run_lock initialization when loading $Extend.

syzbot reported:
INFO: trying to register non-static key.
Call Trace:
 dump_stack_lvl+0x189/0x250 lib/dump_stack.c:120
 assign_lock_key+0x133/0x150 kernel/locking/lockdep.c:984
 register_lock_class+0x105/0x320 kernel/locking/lockdep.c:1299
 __lock_acquire+0x99/0xd20 kernel/locking/lockdep.c:5112
 lock_acquire+0x120/0x360 kernel/locking/lockdep.c:5868
 down_write+0x96/0x1f0 kernel/locking/rwsem.c:1590
 ntfs_set_size+0x140/0x200 fs/ntfs3/inode.c:860
 ntfs_extend+0x1d9/0x970 fs/ntfs3/file.c:387
 ntfs_setattr+0x2e8/0xbe0 fs/ntfs3/file.c:808

Betroffene Produkte Warnungen 0 Metriken 1 CWE 0 Referenzen 10

CNA 2 VulnDex Vulnerability Enrichment 6

Daten sind bereitgestellt durch das CVE Programm von einer CVE Numbering Authority (CNA) (Unstrukturiert).

HerstellerLinux

≫

Produkt Linux

Default Statusunaffected

Version 63eb6730ce0604d3eacf036c2f68ea70b068317c

Version < 79c8a77b1782e2ace96d063be3c41ba540d1e20a

Status affected

Version 78d46f5276ed3589aaaa435580068c5b62efc921

Version < 433d1f7c628c3cbdd7efce064d6c7acd072cf6c4

Status affected

Version 17249b2a65274f73ed68bcd1604e08a60fd8a278

Version < 907bf69c6b6ce5d038eec7a599d67b45b62624bc

Status affected

Version 37f65e68ba9852dc51c78dbb54a9881c3f0fe4f7

Version < 6e17555728bc469d484c59db4a0abc65c19bc315

Status affected

Version 57534db1bbc4ca772393bb7d92e69d5e7b9051cf

Version < 19164d8228317f3f1fe2662a9ba587cfe3b2d29e

Status affected

Version 4e8011ffec79717e5fdac43a7e79faf811a384b7

Version < ab5e8ebeee1caa4fcf8be7d8d62c0a7165469076

Status affected

Version 4e8011ffec79717e5fdac43a7e79faf811a384b7

Version < be99c62ac7e7af514e4b13f83c891a3cccefaa48

Status affected

HerstellerLinux

≫

Produkt Linux

Default Statusaffected

Version 6.18

Status affected

Version 0

Version < 6.18

Status unaffected

Version <= 5.15.*

Version 5.15.198

Status unaffected

Version <= 6.1.*

Version 6.1.160

Status unaffected

Version <= 6.6.*

Version 6.6.120

Status unaffected

Version <= 6.12.*

Version 6.12.63

Status unaffected

Version <= 6.17.*

Version 6.17.13

Status unaffected

Version <= 6.18.*

Version 6.18.2

Status unaffected

Version <= *

Version 6.19

Status unaffected

VulnDex Vulnerability Enrichment

Diese Information steht angemeldeten Benutzern zur Verfügung.

Zu dieser CVE wurde keine Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.07%	0.208

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String

Es wurden noch keine Informationen zu CWE veröffentlicht.

https://git.kernel.org/stable/c/6e17555728bc469d484c59db4a0abc65c19bc315

https://git.kernel.org/stable/c/19164d8228317f3f1fe2662a9ba587cfe3b2d29e

https://git.kernel.org/stable/c/ab5e8ebeee1caa4fcf8be7d8d62c0a7165469076

https://git.kernel.org/stable/c/be99c62ac7e7af514e4b13f83c891a3cccefaa48

https://git.kernel.org/stable/c/433d1f7c628c3cbdd7efce064d6c7acd072cf6c4

https://git.kernel.org/stable/c/907bf69c6b6ce5d038eec7a599d67b45b62624bc

https://git.kernel.org/stable/c/79c8a77b1782e2ace96d063be3c41ba540d1e20a

https://nvd.nist.gov/vuln/detail/CVE-2025-68369

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2025-68369

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2025-68369

EUVD

Team-orientierte Vulnerability Management Plattform

Features der Plattform

CVE-2025-68369