Linux Kernel NTFS3 Buffer Length Validation Vulnerability Leading to Out-of-Bounds Memory Access

Vulnerability

A vulnerability in the Linux kernel's NTFS3 file system implementation allows for out-of-bounds memory accesses due to insufficient validation of buffer lengths when parsing index data. This issue arises during certain directory operations that require additional information from index buffers. The lack of proper checks can lead to memory corruption, as demonstrated by a reported 'slab-out-of-bounds' error. The vulnerability affects Linux kernel versions prior to 6.0.0-rc6.

Impact

Exploitation of this vulnerability causes out-of-bounds memory accesses, which can lead to memory corruption.

Reproduction

The vulnerability can be reproduced by performing NTFS directory operations that require index information, such as using the 'open' system call on a directory with specific index structures. This reaches the 'indx_read' function, which in affected versions lacks proper buffer length validation, leading to the out-of-bounds access.

Remediation

Users can upgrade to Linux kernel versions 6.0.0-rc6 or later, where this vulnerability has been addressed.
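The class of check this entry describes as missing, shown as an added user-space example (not the kernel's code and not the upstream fix): every length field read from an index buffer is compared against the bytes actually available before it is used as an offset. The struct layouts, the names idx_validate and idx_check_sample, and the host-endian sample buffer are assumptions made for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

/* Hypothetical, simplified layout (host-endian), not the kernel's structs. */
struct idx_hdr { uint32_t de_off, used, total; }; /* offsets from header start */
struct idx_ent { uint16_t size, flags; };         /* size includes this header */
#define ENT_LAST 0x1u

/* Return the entry count, or -1 if any on-disk length field disagrees
 * with the `avail` bytes that were actually read into `buf`. */
int idx_validate(const uint8_t *buf, size_t avail)
{
    struct idx_hdr h;
    struct idx_ent e;
    size_t off;
    int n = 0;

    if (avail < sizeof(h))
        return -1;
    memcpy(&h, buf, sizeof(h));
    /* Header fields must nest: hdr <= de_off <= used <= total <= avail. */
    if (h.total > avail || h.used > h.total ||
        h.de_off < sizeof(h) || h.de_off > h.used)
        return -1;

    for (off = h.de_off; ; off += e.size, n++) {
        if (h.used - off < sizeof(e))        /* entry header must fit */
            return -1;
        memcpy(&e, buf + off, sizeof(e));
        /* Entry must make progress and end inside the used region. */
        if (e.size < sizeof(e) || e.size > h.used - off)
            return -1;
        if (e.flags & ENT_LAST)
            return n + 1;
    }
}

/* Constructed sample: a 32-byte buffer holding two entries at 12 and 16. */
int idx_check_sample(uint32_t total, uint32_t used, uint16_t size2)
{
    uint8_t buf[32] = {0};
    struct idx_hdr h = { (uint32_t)sizeof(h), used, total };
    struct idx_ent e1 = { 4, 0 }, e2 = { size2, ENT_LAST };
    memcpy(buf, &h, sizeof(h));
    memcpy(buf + 12, &e1, sizeof(e1));
    memcpy(buf + 16, &e2, sizeof(e2));
    return idx_validate(buf, sizeof(buf));
}
```

A parser that trusted total, used or an entry's size without these comparisons would walk past the end of the allocation, which is the failure a 'slab-out-of-bounds' report points to.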

Added: Oct 1, 2025, 12:50 PM
Updated: Oct 1, 2025, 12:50 PM

Vulnerability Rating

Custom Algorithm
spread: 9.0
impact: 2.5
exploitability: 5.7
remediation: 7.7
relevance: 0.6
threat: 4.8
urgency: 2.9
incentive: 1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.