CVE-2025-71067Linux vulnerability

14 documents7 sources
Severity
6.4MEDIUM
No vector
EPSS
0.0%
top 92.57%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
13
LinuxLinux KernelDebian Linux+10 more
Timeline
PublishedJan 13
Latest updateApr 17

Description

In the Linux kernel, the following vulnerability has been resolved: ntfs: set dummy blocksize to read boot_block when mounting When mounting, sb->s_blocksize is used to read the boot_block without being defined or validated. Set a dummy blocksize before attempting to read the boot_block. The issue can be triggered with the following syz reproducer: mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x0) r4 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000040), 0x121403, 0x0) ioctl$F

Affected Packages14 packages

Linuxlinux/linux_kernel5.15.06.1.167+3
Debianlinux/linux_kernel< 6.12.69-1+1
CVEListV5linux/linux28861e3bbd9e7ac4cd9c811aad71b4d116e279300c9327c8abf9c8f046e45008bb43d94d8ee5c6c5+5
debiandebian/linux< linux 6.18.3-1 (forky)

🔴Vulnerability Details

3
OSV
CVE-2025-71067: In the Linux kernel, the following vulnerability has been resolved: ntfs: set dummy blocksize to read boot_block when mounting When mounting, sb->s_bl2026-01-13
GHSA
GHSA-wq7w-gfpq-89g4: In the Linux kernel, the following vulnerability has been resolved: ntfs: set dummy blocksize to read boot_block when mounting When mounting, sb->s_2026-01-13
OSV
ntfs: set dummy blocksize to read boot_block when mounting2026-01-13

📋Vendor Advisories

9
Ubuntu
Linux kernel (GCP) vulnerabilities2026-04-17
Ubuntu
Linux kernel (FIPS) vulnerabilities2026-04-17
Ubuntu
Linux kernel (Real-time) vulnerabilities2026-04-17
Ubuntu
Linux kernel (Real-time) vulnerabilities2026-04-17
Ubuntu
Linux kernel (NVIDIA) vulnerabilities2026-04-17

🕵️Threat Intelligence

1
Wiz
CVE-2025-71067 Impact, Exploitability, and Mitigation Steps | Wiz