CVE-2025-71265Infinite Loop in Linux

9 documents8 sources
Severity
5.5MEDIUM
No vector
EPSS
0.0%
top 89.17%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
LinuxLinux Kernel
Timeline
PublishedMar 18

Description

In the Linux kernel, the following vulnerability has been resolved: fs: ntfs3: fix infinite loop in attr_load_runs_range on inconsistent metadata We found an infinite loop bug in the ntfs3 file system that can lead to a Denial-of-Service (DoS) condition. A malformed NTFS image can cause an infinite loop when an attribute header indicates an empty run list, while directory entries reference it as containing actual data. In NTFS, setting evcn=-1 with svcn=0 is a valid way to represent an empty

Affected Packages3 packages

Linuxlinux/linux_kernel5.15.05.15.202+5
Debianlinux/linux_kernel< 6.19.6-1
CVEListV5linux/linuxbe71b5cba2e6485e8959da7a9f9a44461a1bb0746f07a590616ff5f57f7c041d98e463fad9e9f763+7

🔴Vulnerability Details

4
OSV
fs: ntfs3: fix infinite loop in attr_load_runs_range on inconsistent metadata2026-03-18
GHSA
GHSA-mhc2-234v-x4jm: In the Linux kernel, the following vulnerability has been resolved: fs: ntfs3: fix infinite loop in attr_load_runs_range on inconsistent metadata We2026-03-18
CVEList
fs: ntfs3: fix infinite loop in attr_load_runs_range on inconsistent metadata2026-03-18
OSV
CVE-2025-71265: In the Linux kernel, the following vulnerability has been resolved: fs: ntfs3: fix infinite loop in attr_load_runs_range on inconsistent metadata We f2026-03-18

📋Vendor Advisories

3
Red Hat
kernel: fs: ntfs3: fix infinite loop in attr_load_runs_range on inconsistent metadata2026-03-18
Microsoft
fs: ntfs3: fix infinite loop in attr_load_runs_range on inconsistent metadata2026-03-10
Debian
CVE-2025-71265: linux - In the Linux kernel, the following vulnerability has been resolved: fs: ntfs3: ...2025

🕵️Threat Intelligence

1
Wiz
CVE-2025-71265 Impact, Exploitability, and Mitigation Steps | Wiz
CVE-2025-71265 — Infinite Loop in Linux | cvebase