CVE-2025-68365

Summary

In the Linux kernel, the following vulnerability has been resolved:

fs/ntfs3: Initialize allocated memory before use

KMSAN reports: Multiple uninitialized values detected:

  • KMSAN: uninit-value in ntfs_read_hdr (3)
  • KMSAN: uninit-value in bcmp (3)

Memory is allocated by __getname(), which is a wrapper for kmem_cache_alloc(). This memory is used before being properly cleared. Change kmem_cache_alloc() to kmem_cache_zalloc() to properly allocate and clear memory before use.

Affected Software

VendorProductVersion RangeStatus
LinuxLinux82cae269cfa953032fbb8980a7d554d60fb00b17 < bdf38063fd15f2fc7361dc0b5d3c259741eab835affected
LinuxLinux82cae269cfa953032fbb8980a7d554d60fb00b17 < a58e29849aef8d26554a982989a2190b49aaf8edaffected
LinuxLinux82cae269cfa953032fbb8980a7d554d60fb00b17 < 7d52c592cf53f5bb7163967edc01d2d7d80de44aaffected
LinuxLinux82cae269cfa953032fbb8980a7d554d60fb00b17 < f7728057220cabd720e27e46097edad48e5bd728affected
LinuxLinux82cae269cfa953032fbb8980a7d554d60fb00b17 < 192e8ce302f14ac66259231dd10cede19858d742affected
LinuxLinux82cae269cfa953032fbb8980a7d554d60fb00b17 < a8a3ca23bbd9d849308a7921a049330dc6c91398affected
LinuxLinux5.15affected
LinuxLinux0 < 5.15unaffected
LinuxLinux5.15.199 <= 5.15.*unaffected
LinuxLinux6.1.162 <= 6.1.*unaffected
LinuxLinux6.6.122 <= 6.6.*unaffected
LinuxLinux6.12.68 <= 6.12.*unaffected
LinuxLinux6.18.2 <= 6.18.*unaffected
LinuxLinux6.19 <= *unaffected

Weaknesses

References