SB20260320116 - Loop with Unreachable Exit Condition ('Infinite Loop') in Linux kernel ntfs3
Published: March 20, 2026
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 1 security vulnerability.
1) Loop with Unreachable Exit Condition ('Infinite Loop') (CVE-ID: CVE-2025-71265)
The vulnerability allows a local attacker to cause a denial of service.
The vulnerability exists due to an infinite loop in the ntfs3 file system's attr_load_runs_range function when processing inconsistent metadata. A local attacker can provide a malformed NTFS image to cause a denial of service.
The attacker-controlled NTFS image contains inconsistent metadata where an attribute header indicates an empty run list (evcn=-1 with svcn=0), but directory entries reference it as containing data. After a successful but empty run_unpack() call, the runs_tree remains uninitialized, causing subsequent run_lookup_entry() calls to fail and vcn to increment by zero, resulting in an infinite loop.
Remediation
Install update from vendor's website.
References
- https://git.kernel.org/stable/c/3c3a6e951b9b53dab2ac460a655313cf04c4a10a
- https://git.kernel.org/stable/c/4b90f16e4bb5607fb35e7802eb67874038da4640
- https://git.kernel.org/stable/c/6f07a590616ff5f57f7c041d98e463fad9e9f763
- https://git.kernel.org/stable/c/78b61f7eac37a63284774b147f38dd0be6cad43c
- https://git.kernel.org/stable/c/a89bc96d5abd8a4a8d5d911884ea347efcdf460b
- https://git.kernel.org/stable/c/af839013c70a24779f9d1afb1575952009312d38
- https://git.kernel.org/stable/c/c0b43c45d45f59e7faad48675a50231a210c379b