CVE-2025-40287
N/A
Summary
In the Linux kernel, the following vulnerability has been resolved:
exfat: fix improper check of dentry.stream.valid_size
We found an infinite loop bug in the exFAT file system that can lead to a Denial-of-Service (DoS) condition. When a dentry in an exFAT filesystem is malformed, the following system calls — SYS_openat, SYS_ftruncate, and SYS_pwrite64 — can cause the kernel to hang.
Root cause analysis shows that the size validation code in exfat_find() does not check whether dentry.stream.valid_size is negative. As a result, the system calls mentioned above can succeed and eventually trigger the DoS issue.
This patch adds a check for negative dentry.stream.valid_size to prevent this vulnerability.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Linux | Linux | 11a347fb6cef62ce47e84b97c45f2b2497c7593b < 6c627bcc1896ba62ec793d0c00da74f3c93ce3ad | affected |
| Linux | Linux | 11a347fb6cef62ce47e84b97c45f2b2497c7593b < 204b1b02ee018ba52ad2ece21fe3a8643d66a1b2 | affected |
| Linux | Linux | 11a347fb6cef62ce47e84b97c45f2b2497c7593b < 82ebecdc74ff555daf70b811d854b1f32a296bea | affected |
| Linux | Linux | 6.8 | affected |
| Linux | Linux | 0 < 6.8 | unaffected |
| Linux | Linux | 6.12.59 <= 6.12.* | unaffected |
| Linux | Linux | 6.17.9 <= 6.17.* | unaffected |
| Linux | Linux | 6.18 <= * | unaffected |
Weaknesses
References
- https://git.kernel.org/stable/c/6c627bcc1896ba62ec793d0c00da74f3c93ce3ad
- https://git.kernel.org/stable/c/204b1b02ee018ba52ad2ece21fe3a8643d66a1b2
- https://git.kernel.org/stable/c/82ebecdc74ff555daf70b811d854b1f32a296bea
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.