SB20260625138 - Improper Check or Handling of Exceptional Conditions in Linux kernel ntfs3
Published: June 25, 2026
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 1 vulnerability.
1) Improper Check or Handling of Exceptional Conditions (CVE-ID: CVE-2026-53027)
CWE-ID: CWE-703 - Improper Check or Handling of Exceptional Conditions
CVSSv4: CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear
The vulnerability allows a local user to cause a denial of service.
The vulnerability exists due to improper handling of attribute segment run loading in attr_data_get_block_locked() when processing compressed or sparse attributes with frame-aligned clusters. A local user can trigger the affected code path to cause a denial of service.
The issue is triggered when vcn is rounded down to the frame start and vcn and vcn0 reside in different attribute segments.
Remediation
Install update from vendor's website.