#VU114940 Improper locking in Linux kernel - CVE-2025-39734
Published: September 8, 2025
Vulnerability identifier: #VU114940
Vulnerability risk: Low
CVSSv4.0: CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear
CVE-ID: CVE-2025-39734
CWE-ID: CWE-667
Exploitation vector: Local access
Exploit availability:
No public exploit available
Vulnerable software:
Linux kernel
Linux kernel
Software vendor:
Linux Foundation
Linux Foundation
Description
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the ntfs_file_mmap() function in fs/ntfs3/file.c. A local user can perform a denial of service (DoS) attack.
Remediation
Install update from vendor's repository.
External links
- https://git.kernel.org/stable/c/1903a6c1f2818154f6bc87bceaaecafa92b6ac5c
- https://git.kernel.org/stable/c/7ce6f83ca9d52c9245b7a017466fc4baa1241b0b
- https://git.kernel.org/stable/c/a49f0abd8959048af18c6c690b065eb0d65b2d21
- https://git.kernel.org/stable/c/a936be9b5f51c4d23f66fb673e9068c6b08104a4
- https://git.kernel.org/stable/c/b356ee013a79e7e3147bfe065de376706c5d2ee9
- https://git.kernel.org/stable/c/bd20733746263acaaf2a21881665db27ee4303d5
- https://git.kernel.org/stable/c/bec8109f957a6e193e52d1728799994c8005ca83