CVE-2025-71267
Infinite Loop DoS in Linux Kernel ntfs3 Filesystem
Publication date: 2026-03-18
Last updated on: 2026-03-18
Assigner: kernel.org
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| linux_kernel | linux_kernel | * |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-UNKNOWN |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability exists in the Linux kernel's ntfs3 file system driver. It involves an infinite loop triggered by a zero-sized ATTR_LIST attribute in a malformed NTFS image.
When the ntfs_load_attr_list() function processes an ATTR_LIST attribute with a data size of zero, it still allocates memory due to a function call (al_aligned(0)). This leads to an inconsistent internal state where the attribute list size is zero but the attribute list pointer is non-null.
Because of this inconsistency, the enumeration function incorrectly assumes no attribute list exists and only processes the primary MFT record. When it encounters the ATTR_LIST again, it reloads and restarts enumeration indefinitely, causing an infinite loop.
This infinite loop causes the kernel thread handling the mount operation to hang, effectively causing a Denial-of-Service (DoS) condition.
The vulnerability was fixed by adding validation to ensure that the data size is non-zero before allocating memory. If a zero-sized ATTR_LIST is detected, the function returns an error (-EINVAL), preventing the infinite loop and DoS.
How can this vulnerability impact me? :
This vulnerability can lead to a Denial-of-Service (DoS) condition on systems using the Linux kernel's ntfs3 file system driver.
Specifically, if a malformed NTFS image containing a zero-sized ATTR_LIST attribute is processed, the kernel thread responsible for mounting the file system can enter an infinite loop and hang.
This means that the affected system could become unresponsive or unable to mount certain NTFS file systems, potentially disrupting normal operations and access to data.
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?:
I don't know
How can this vulnerability be detected on my network or system? Can you suggest some commands?
I don't know
What immediate steps should I take to mitigate this vulnerability?
To mitigate this vulnerability, update the Linux kernel to a version that includes the patch fixing the infinite loop in the ntfs3 file system.
The patch adds validation to ensure that zero-sized ATTR_LIST attributes do not cause memory allocation and infinite loops, preventing the Denial-of-Service condition.
Until the update is applied, avoid mounting potentially malformed NTFS images that could trigger this issue.