#VU124210 Loop with Unreachable Exit Condition ('Infinite Loop') in Linux kernel - CVE-2025-71265
Published: March 20, 2026
Vulnerability identifier: #VU124210
Vulnerability risk: Low
CVSSv4.0: CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear
CVE-ID: CVE-2025-71265
CWE-ID: CWE-835
Exploitation vector: Local access
Exploit availability:
No public exploit available
Vulnerable software:
Linux kernel
Linux kernel
Software vendor:
Linux Foundation
Linux Foundation
Description
The vulnerability allows a local attacker to cause a denial of service.
The vulnerability exists due to an infinite loop in the ntfs3 file system's attr_load_runs_range function when processing inconsistent metadata. A local attacker can provide a malformed NTFS image to cause a denial of service.
The attacker-controlled NTFS image contains inconsistent metadata where an attribute header indicates an empty run list (evcn=-1 with svcn=0), but directory entries reference it as containing data. After a successful but empty run_unpack() call, the runs_tree remains uninitialized, causing subsequent run_lookup_entry() calls to fail and vcn to increment by zero, resulting in an infinite loop.
Remediation
Install security update from vendor's repository.
External links
- https://git.kernel.org/stable/c/3c3a6e951b9b53dab2ac460a655313cf04c4a10a
- https://git.kernel.org/stable/c/4b90f16e4bb5607fb35e7802eb67874038da4640
- https://git.kernel.org/stable/c/6f07a590616ff5f57f7c041d98e463fad9e9f763
- https://git.kernel.org/stable/c/78b61f7eac37a63284774b147f38dd0be6cad43c
- https://git.kernel.org/stable/c/a89bc96d5abd8a4a8d5d911884ea347efcdf460b
- https://git.kernel.org/stable/c/af839013c70a24779f9d1afb1575952009312d38
- https://git.kernel.org/stable/c/c0b43c45d45f59e7faad48675a50231a210c379b