CVE-2025-40313

Summary

In the Linux kernel, the following vulnerability has been resolved:

ntfs3: pretend $Extend records as regular files

Since commit af153bb63a33 ("vfs: catch invalid modes in may_open()") requires any inode be one of S_IFDIR/S_IFLNK/S_IFREG/S_IFCHR/S_IFBLK/ S_IFIFO/S_IFSOCK type, use S_IFREG for $Extend records.

Affected Software

VendorProductVersion RangeStatus
LinuxLinux4534a70b7056fd4b9a1c6db5a4ce3c98546b291e < 63eb6730ce0604d3eacf036c2f68ea70b068317caffected
LinuxLinux4534a70b7056fd4b9a1c6db5a4ce3c98546b291e < 78d46f5276ed3589aaaa435580068c5b62efc921affected
LinuxLinux4534a70b7056fd4b9a1c6db5a4ce3c98546b291e < 17249b2a65274f73ed68bcd1604e08a60fd8a278affected
LinuxLinux4534a70b7056fd4b9a1c6db5a4ce3c98546b291e < 37f65e68ba9852dc51c78dbb54a9881c3f0fe4f7affected
LinuxLinux4534a70b7056fd4b9a1c6db5a4ce3c98546b291e < 57534db1bbc4ca772393bb7d92e69d5e7b9051cfaffected
LinuxLinux4534a70b7056fd4b9a1c6db5a4ce3c98546b291e < 4e8011ffec79717e5fdac43a7e79faf811a384b7affected
LinuxLinux5.15affected
LinuxLinux0 < 5.15unaffected
LinuxLinux5.15.197 <= 5.15.*unaffected
LinuxLinux6.1.159 <= 6.1.*unaffected
LinuxLinux6.6.117 <= 6.6.*unaffected
LinuxLinux6.12.58 <= 6.12.*unaffected
LinuxLinux6.17.8 <= 6.17.*unaffected
LinuxLinux6.18 <= *unaffected

Weaknesses

References