Linux Kernel NTFS3 NULL Pointer Dereference Vulnerability

Vulnerability

A vulnerability in the Linux kernel's NTFS3 file system handling has been addressed. The issue arose because the hdr_first_de() function can return a NULL pointer, which was not properly managed. To resolve this, an error handler has been implemented to consistently handle potential NULL values. Similar error handling already exists in other parts of the code where this function is used.

Impact

Exploitation of this vulnerability could lead to a NULL pointer dereference, potentially causing a system crash or other unintended behavior.

Added: Jul 3, 2025, 9:26 AM

Updated: Jul 3, 2025, 9:26 AM

Vulnerability Rating

Custom Algorithm

spread

9.0

impact

2.5

exploitability

4.0

remediation

0.0

relevance

0.2

threat

3.2

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

9.0

impact

2.5

exploitability

4.0

remediation

0.0

relevance

0.2

threat

3.2

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Linux Kernel NTFS3 NULL Pointer Dereference Vulnerability

Vulnerability

Impact

Affected Products

Linux kernel

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating