CVE-2025-71266
Analyzed Analyzed - Analysis Complete
Infinite Loop DoS in Linux Kernel ntfs3 Filesystem Lookup

Publication date: 2026-03-18

Last updated on: 2026-05-21

Assigner: kernel.org

Description
In the Linux kernel, the following vulnerability has been resolved: fs: ntfs3: check return value of indx_find to avoid infinite loop We found an infinite loop bug in the ntfs3 file system that can lead to a Denial-of-Service (DoS) condition. A malformed dentry in the ntfs3 filesystem can cause the kernel to hang during the lookup operations. By setting the HAS_SUB_NODE flag in an INDEX_ENTRY within a directory's INDEX_ALLOCATION block and manipulating the VCN pointer, an attacker can cause the indx_find() function to repeatedly read the same block, allocating 4 KB of memory each time. The kernel lacks VCN loop detection and depth limits, causing memory exhaustion and an OOM crash. This patch adds a return value check for fnd_push() to prevent a memory exhaustion vulnerability caused by infinite loops. When the index exceeds the size of the fnd->nodes array, fnd_push() returns -EINVAL. The indx_find() function checks this return value and stops processing, preventing further memory allocation.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-03-18
Last Modified
2026-05-21
Generated
2026-06-16
AI Q&A
2026-03-18
EPSS Evaluated
2026-06-15
NVD
CVE-2025-71266
EUVD
EUVD-2025-208819
Affected Vendors & Products
Showing 7 associated CPEs
Vendor Product Version / Range
linux linux_kernel 5.15
linux linux_kernel From 6.2 (inc) to 6.6.128 (exc)
linux linux_kernel From 6.7 (inc) to 6.12.75 (exc)
linux linux_kernel From 6.13 (inc) to 6.18.16 (exc)
linux linux_kernel From 6.19 (inc) to 6.19.6 (exc)
linux linux_kernel From 5.16 (inc) to 6.1.165 (exc)
linux linux_kernel From 5.15.1 (inc) to 5.15.202 (exc)
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-835 The product contains an iteration or loop with an exit condition that cannot be reached, i.e., an infinite loop.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

This vulnerability exists in the Linux kernel's ntfs3 file system. It is caused by an infinite loop bug in the indx_find() function during directory lookup operations.

An attacker can exploit this by crafting a malformed directory entry (dentry) that sets the HAS_SUB_NODE flag in an INDEX_ENTRY and manipulates the VCN pointer. This causes indx_find() to repeatedly read the same block and allocate 4 KB of memory each time without detecting the loop.

Because the kernel does not have loop detection or depth limits for this operation, it leads to memory exhaustion and an out-of-memory (OOM) crash, effectively causing a Denial-of-Service (DoS) condition.

The vulnerability was fixed by adding a return value check in the fnd_push() function to detect when the index exceeds the nodes array size, allowing indx_find() to stop processing and prevent further memory allocation.

Impact Analysis

This vulnerability can impact you by causing a Denial-of-Service (DoS) condition on systems running the affected Linux kernel with the ntfs3 file system.

An attacker can exploit the infinite loop bug to cause the kernel to hang and exhaust system memory, leading to an out-of-memory crash.

This can result in system instability, downtime, and potential loss of availability of services or data hosted on the affected system.

Compliance Impact

I don't know

Detection Guidance

I don't know

Mitigation Strategies

To mitigate this vulnerability, update the Linux kernel to a version that includes the patch fixing the infinite loop bug in the ntfs3 filesystem.

The patch adds a return value check in the indx_find() function to prevent memory exhaustion caused by infinite loops triggered by malformed directory entries.

Until the update is applied, avoid mounting or accessing NTFS3 filesystems that could contain malformed directory entries to reduce the risk of triggering the vulnerability.

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2025-71266. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart