CVE-2025-68369

EPSS 0.04%
Veröffentlicht 24.12.2025 10:32:55
Zuletzt bearbeitet 19.01.2026 13:16:11
Quelle 416baaa9-dc9f-4396-8d5f-8c081f
CVE-Watchlists
Login
Unerledigt
Login

In the Linux kernel, the following vulnerability has been resolved:

ntfs3: init run lock for extend inode

After setting the inode mode of $Extend to a regular file, executing the
truncate system call will enter the do_truncate() routine, causing the
run_lock uninitialized error reported by syzbot.

Prior to patch 4e8011ffec79, if the inode mode of $Extend was not set to
a regular file, the do_truncate() routine would not be entered.

Add the run_lock initialization when loading $Extend.

syzbot reported:
INFO: trying to register non-static key.
Call Trace:
 dump_stack_lvl+0x189/0x250 lib/dump_stack.c:120
 assign_lock_key+0x133/0x150 kernel/locking/lockdep.c:984
 register_lock_class+0x105/0x320 kernel/locking/lockdep.c:1299
 __lock_acquire+0x99/0xd20 kernel/locking/lockdep.c:5112
 lock_acquire+0x120/0x360 kernel/locking/lockdep.c:5868
 down_write+0x96/0x1f0 kernel/locking/rwsem.c:1590
 ntfs_set_size+0x140/0x200 fs/ntfs3/inode.c:860
 ntfs_extend+0x1d9/0x970 fs/ntfs3/file.c:387
 ntfs_setattr+0x2e8/0xbe0 fs/ntfs3/file.c:808

Betroffene Produkte Warnungen 0 Metriken 1 CWE 0 Referenzen 10

Verknüpft mit AI von unstrukturierten Daten zu bestehenden CPE der NVD

Diese Information steht angemeldeten Benutzern zur Verfügung.

Daten sind bereitgestellt durch das CVE Programm von einer CVE Numbering Authority (CNA) (Unstrukturiert).

HerstellerLinux

≫

Produkt Linux

Default Statusunaffected

Version < 79c8a77b1782e2ace96d063be3c41ba540d1e20a

Version 63eb6730ce0604d3eacf036c2f68ea70b068317c

Status affected

Version < 433d1f7c628c3cbdd7efce064d6c7acd072cf6c4

Version 78d46f5276ed3589aaaa435580068c5b62efc921

Status affected

Version < 907bf69c6b6ce5d038eec7a599d67b45b62624bc

Version 17249b2a65274f73ed68bcd1604e08a60fd8a278

Status affected

Version < 6e17555728bc469d484c59db4a0abc65c19bc315

Version 37f65e68ba9852dc51c78dbb54a9881c3f0fe4f7

Status affected

Version < 19164d8228317f3f1fe2662a9ba587cfe3b2d29e

Version 57534db1bbc4ca772393bb7d92e69d5e7b9051cf

Status affected

Version < ab5e8ebeee1caa4fcf8be7d8d62c0a7165469076

Version 4e8011ffec79717e5fdac43a7e79faf811a384b7

Status affected

Version < be99c62ac7e7af514e4b13f83c891a3cccefaa48

Version 4e8011ffec79717e5fdac43a7e79faf811a384b7

Status affected

HerstellerLinux

≫

Produkt Linux

Default Statusaffected

Version 6.18

Status affected

Version < 6.18

Version 0

Status unaffected

Version <= 5.15.*

Version 5.15.198

Status unaffected

Version <= 6.1.*

Version 6.1.160

Status unaffected

Version <= 6.6.*

Version 6.6.120

Status unaffected

Version <= 6.12.*

Version 6.12.63

Status unaffected

Version <= 6.17.*

Version 6.17.13

Status unaffected

Version <= 6.18.*

Version 6.18.2

Status unaffected

Version <= *

Version 6.19-rc1

Status unaffected

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.04%	0.1

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String

Es wurden noch keine Informationen zu CWE veröffentlicht.

https://git.kernel.org/stable/c/6e17555728bc469d484c59db4a0abc65c19bc315

https://git.kernel.org/stable/c/19164d8228317f3f1fe2662a9ba587cfe3b2d29e

https://git.kernel.org/stable/c/ab5e8ebeee1caa4fcf8be7d8d62c0a7165469076

https://git.kernel.org/stable/c/be99c62ac7e7af514e4b13f83c891a3cccefaa48

https://git.kernel.org/stable/c/433d1f7c628c3cbdd7efce064d6c7acd072cf6c4

https://git.kernel.org/stable/c/907bf69c6b6ce5d038eec7a599d67b45b62624bc

https://git.kernel.org/stable/c/79c8a77b1782e2ace96d063be3c41ba540d1e20a

https://nvd.nist.gov/vuln/detail/CVE-2025-68369

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2025-68369

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2025-68369

EUVD