Linux Kernel NTFS3 Integer Overflow Vulnerability on 32-bit Systems

Vulnerability

An integer overflow vulnerability has been identified in the Linux kernel's NTFS3 file system module, specifically on 32-bit systems. The issue arises from the addition of 'off' and 'sizeof(struct NTFS_DE)', which can lead to integer wrapping. This vulnerability has been addressed by using 'size_add()' to prevent the overflow.

Impact

Exploitation of this vulnerability could lead to incorrect memory calculations, potentially allowing for buffer overflows or other memory corruption issues.

Added: Jun 9, 2025, 7:46 PM

Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread

9.0

impact

0.6

exploitability

5.3

remediation

0.0

relevance

0.0

threat

3.2

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

9.0

impact

0.6

exploitability

5.3

remediation

0.0

relevance

0.0

threat

3.2

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Linux Kernel NTFS3 Integer Overflow Vulnerability on 32-bit Systems

Vulnerability

Impact

Affected Products

Linux kernel

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating