CVE-2025-40067
BaseFortify
Publication date: 2025-10-28
Last updated on: 2025-10-30
Assigner: kernel.org
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| linux | linux_kernel | * |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-UNKNOWN |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability occurs in the Linux kernel's NTFS3 filesystem driver. It happens when the $BITMAP attribute, which tracks usage of index entries, is empty while index blocks already exist on disk. This situation indicates on-disk corruption. Specifically, during a rename operation involving a long filename that spans multiple index entries, the empty bitmap allowed the new name to be added without proper tracking. Later, deleting the original entry failed due to an unexpected index state. The fix involves rejecting cases where the bitmap is empty but index blocks exist.
How can this vulnerability impact me? :
This vulnerability can lead to filesystem corruption or inconsistent index states in the NTFS3 filesystem on Linux. It may cause operations like renaming or deleting files with long filenames to fail unexpectedly, potentially leading to data integrity issues or loss of access to files.
What immediate steps should I take to mitigate this vulnerability?
Update the Linux kernel to a version that includes the fix for this vulnerability, which rejects index allocation if the $BITMAP is empty but blocks exist. This prevents on-disk corruption related to NTFS index handling. Avoid using malformed NTFS images that could trigger this condition until the patch is applied.