CVE-2025-68727

Summary

In the Linux kernel, the following vulnerability has been resolved:

ntfs3: Fix uninit buffer allocated by __getname()

Fix uninit errors caused after buffer allocation given to 'de'; by initializing the buffer with zeroes. The fix was found by using KMSAN.

Affected Software

VendorProductVersion RangeStatus
LinuxLinux78ab59fee07f22464f32eafebab2bd97ba94ff2d < 90e23db1a85956026999c18e76f402542cb004daaffected
LinuxLinux78ab59fee07f22464f32eafebab2bd97ba94ff2d < 53f4d6cb97096590410f3719f75cdf9fc5120f37affected
LinuxLinux78ab59fee07f22464f32eafebab2bd97ba94ff2d < dcb5e3cd96b77d52bb65988e4c914636a6d4fdd9affected
LinuxLinux78ab59fee07f22464f32eafebab2bd97ba94ff2d < 4b1fd82848fdf0e01b3320815b261006c1722c3eaffected
LinuxLinux78ab59fee07f22464f32eafebab2bd97ba94ff2d < d88d4b455b6794f48d7adad52593f1700c7bd50eaffected
LinuxLinux78ab59fee07f22464f32eafebab2bd97ba94ff2d < b40a4eb4a0543d49686a6e693745009dac3b86a9affected
LinuxLinux78ab59fee07f22464f32eafebab2bd97ba94ff2d < 9948dcb2f7b5a1bf8e8710eafaf6016e00be3ad6affected
LinuxLinux5.15affected
LinuxLinux0 < 5.15unaffected
LinuxLinux5.15.198 <= 5.15.*unaffected
LinuxLinux6.1.160 <= 6.1.*unaffected
LinuxLinux6.6.120 <= 6.6.*unaffected
LinuxLinux6.12.63 <= 6.12.*unaffected
LinuxLinux6.17.13 <= 6.17.*unaffected
LinuxLinux6.18.2 <= 6.18.*unaffected
LinuxLinux6.19 <= *unaffected

Weaknesses

References