CVE-2025-22081

Summary

In the Linux kernel, the following vulnerability has been resolved:

fs/ntfs3: Fix a couple integer overflows on 32bit systems

On 32bit systems the "off + sizeof(struct NTFS_DE)" addition can have an integer wrapping issue. Fix it by using size_add().

Affected Software

VendorProductVersion RangeStatus
LinuxLinux82cae269cfa953032fbb8980a7d554d60fb00b17 < 0922d86a7a6032cb1694eab0b44b861bd33ba8d5affected
LinuxLinux82cae269cfa953032fbb8980a7d554d60fb00b17 < 1a14e9718a19d2e88de004a1360bfd7a86ed1395affected
LinuxLinux82cae269cfa953032fbb8980a7d554d60fb00b17 < 0dfe700fbd3525f30a36ffbe390a5b9319bd009aaffected
LinuxLinux82cae269cfa953032fbb8980a7d554d60fb00b17 < 284c9549386e9883855fb82b730303bb2edea9deaffected
LinuxLinux82cae269cfa953032fbb8980a7d554d60fb00b17 < 0538f52410b619737e663167b6a2b2d0bc1a589daffected
LinuxLinux82cae269cfa953032fbb8980a7d554d60fb00b17 < 4d0f4f42922a832388a0c2fe5204c0a1037ff786affected
LinuxLinux82cae269cfa953032fbb8980a7d554d60fb00b17 < 5ad414f4df2294b28836b5b7b69787659d6aa708affected
LinuxLinux5.15affected
LinuxLinux0 < 5.15unaffected
LinuxLinux5.15.180 <= 5.15.*unaffected
LinuxLinux6.1.134 <= 6.1.*unaffected
LinuxLinux6.6.87 <= 6.6.*unaffected
LinuxLinux6.12.23 <= 6.12.*unaffected
LinuxLinux6.13.11 <= 6.13.*unaffected
LinuxLinux6.14.2 <= 6.14.*unaffected
LinuxLinux6.15 <= *unaffected

Weaknesses

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

CVE Program Container

Additional References

References