CVE-2025-71267Infinite Loop in Linux

9 documents8 sources
Severity
5.5MEDIUM
No vector
EPSS
0.0%
top 90.88%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
LinuxLinux Kernel
Timeline
PublishedMar 18

Description

In the Linux kernel, the following vulnerability has been resolved: fs: ntfs3: fix infinite loop triggered by zero-sized ATTR_LIST We found an infinite loop bug in the ntfs3 file system that can lead to a Denial-of-Service (DoS) condition. A malformed NTFS image can cause an infinite loop when an ATTR_LIST attribute indicates a zero data size while the driver allocates memory for it. When ntfs_load_attr_list() processes a resident ATTR_LIST with data_size set to zero, it still allocates memo

Affected Packages3 packages

Linuxlinux/linux_kernel5.15.05.15.202+5
Debianlinux/linux_kernel< 6.19.6-1
CVEListV5linux/linuxbe71b5cba2e6485e8959da7a9f9a44461a1bb0749267d99fade76d44d4a133599524031fe684156e+7

🔴Vulnerability Details

4
CVEList
fs: ntfs3: fix infinite loop triggered by zero-sized ATTR_LIST2026-03-18
GHSA
GHSA-j72w-3754-92gg: In the Linux kernel, the following vulnerability has been resolved: fs: ntfs3: fix infinite loop triggered by zero-sized ATTR_LIST We found an infin2026-03-18
OSV
fs: ntfs3: fix infinite loop triggered by zero-sized ATTR_LIST2026-03-18
OSV
CVE-2025-71267: In the Linux kernel, the following vulnerability has been resolved: fs: ntfs3: fix infinite loop triggered by zero-sized ATTR_LIST We found an infinit2026-03-18

📋Vendor Advisories

3
Red Hat
kernel: fs: ntfs3: fix infinite loop triggered by zero-sized ATTR_LIST2026-03-18
Microsoft
fs: ntfs3: fix infinite loop triggered by zero-sized ATTR_LIST2026-03-10
Debian
CVE-2025-71267: linux - In the Linux kernel, the following vulnerability has been resolved: fs: ntfs3: ...2025

🕵️Threat Intelligence

1
Wiz
CVE-2025-71267 Impact, Exploitability, and Mitigation Steps | Wiz
CVE-2025-71267 — Infinite Loop in Linux | cvebase