SB2025090873 - Improper locking in Linux kernel ntfs3
Published: September 8, 2025
Security Bulletin ID
SB2025090873
Severity
Low
Patch available
YES
Number of vulnerabilities
1
Exploitation vector
Local access
Highest impact
Denial of service
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 1 security vulnerability.
1) Improper locking (CVE-ID: CVE-2025-39734)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the ntfs_file_mmap() function in fs/ntfs3/file.c. A local user can perform a denial of service (DoS) attack.
Remediation
Install update from vendor's website.
References
- https://git.kernel.org/stable/c/1903a6c1f2818154f6bc87bceaaecafa92b6ac5c
- https://git.kernel.org/stable/c/7ce6f83ca9d52c9245b7a017466fc4baa1241b0b
- https://git.kernel.org/stable/c/a49f0abd8959048af18c6c690b065eb0d65b2d21
- https://git.kernel.org/stable/c/a936be9b5f51c4d23f66fb673e9068c6b08104a4
- https://git.kernel.org/stable/c/b356ee013a79e7e3147bfe065de376706c5d2ee9
- https://git.kernel.org/stable/c/bd20733746263acaaf2a21881665db27ee4303d5
- https://git.kernel.org/stable/c/bec8109f957a6e193e52d1728799994c8005ca83