Linux Kernel NTFS3 File System Infinite Loop Vulnerability Leading to Denial-of-Service

Vulnerability

An infinite loop vulnerability has been identified in the Linux kernel's NTFS3 file system, which can cause a denial-of-service condition. The issue arises when a malformed NTFS image presents an attribute header with an empty run list while directory entries indicate that the attribute contains actual data. Because of this metadata inconsistency, the attribute header falsely claims to be empty and the runs tree is left uninitialized. The system then enters an infinite loop, repeatedly failing to process the expected data.
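The failure mode described above, as a simplified user-space C model added here for illustration; it is not taken from the kernel source or its patch, and every name in it (`load_range`, `load_runs`, `lookup` and the structs) is hypothetical. It shows a lookup/load/retry loop that would make no progress on the inconsistent metadata, and a guard that returns an error instead of spinning.

```c
#include <errno.h>
#include <stddef.h>
#include <stdint.h>

/* Simplified user-space model. Every name is hypothetical, not a kernel symbol. */
struct run { uint64_t vcn, len; };                             /* one mapped extent */
struct runs_tree { const struct run *runs; size_t count; };    /* in-memory map */
struct attr_hdr { const struct run *runlist; size_t nruns; };  /* what the header claims */

/* Clusters mapped from vcn to the end of its extent; 0 if vcn is unmapped. */
static uint64_t lookup(const struct runs_tree *t, uint64_t vcn)
{
    for (size_t i = 0; i < t->count; i++)
        if (vcn >= t->runs[i].vcn && vcn - t->runs[i].vcn < t->runs[i].len)
            return t->runs[i].len - (vcn - t->runs[i].vcn);
    return 0;
}

/* Unpack the header's run list. An empty list is valid, so this returns
 * success while leaving the tree uninitialized. */
static int load_runs(struct runs_tree *t, const struct attr_hdr *h)
{
    if (h->nruns == 0)
        return 0;
    t->runs = h->runlist;
    t->count = h->nruns;
    return 0;
}

/* Map clusters [from, to], the range the directory entry says holds data. */
int load_range(struct runs_tree *t, const struct attr_hdr *h, uint64_t from, uint64_t to)
{
    int loaded = 0;
    for (uint64_t vcn = from; vcn <= to; ) {
        uint64_t clen = lookup(t, vcn);
        if (clen == 0) {
            if (loaded)          /* load "succeeded" yet lookup still fails: */
                return -EINVAL;  /* reject instead of retrying forever */
            int err = load_runs(t, h);
            if (err) return err;
            loaded = 1;          /* retry the lookup exactly once */
            continue;
        }
        vcn += clen;             /* without the guard, a zero clen never advances */
        loaded = 0;
    }
    return 0;
}
```

With the `loaded` check removed, the empty-header case never advances `vcn` and the loop does not terminate.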

Impact

Exploitation of this vulnerability causes the system to enter an infinite loop, repeatedly failing to process the expected data, which can lead to a denial-of-service condition.

Reproduction

To reproduce this vulnerability, create a malformed NTFS image that includes an attribute header indicating an empty run list, while directory entries reference it as containing actual data. When the NTFS3 file system processes this image, the inconsistency will trigger the infinite loop. The vulnerability can be observed by monitoring the system's response, which will indicate a denial-of-service condition.

Remediation

Users can upgrade to the latest version of the Linux kernel where this vulnerability has been patched. Instructions for upgrading the Linux kernel can be found in the official Linux documentation.

Added: Mar 18, 2026, 11:35 AM
Updated: Mar 18, 2026, 11:35 AM

Vulnerability Rating

Custom Algorithm

spread: 9.0
impact: 2.5
exploitability: 5.3
remediation: 7.7
relevance: 4.1
threat: 4.8
urgency: 2.9
incentive: 0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.