| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <2025122400-CVE-2025-68369-f437@gregkh> Date: Wed, 24 Dec 2025 11:35:14 +0100 From: Greg Kroah-Hartman <gregkh@...uxfoundation.org> To: linux-cve-announce@...r.kernel.org Cc: Greg Kroah-Hartman <gregkh@...nel.org> Subject: CVE-2025-68369: ntfs3: init run lock for extend inode From: Greg Kroah-Hartman <gregkh@...nel.org> Description =========== In the Linux kernel, the following vulnerability has been resolved: ntfs3: init run lock for extend inode After setting the inode mode of $Extend to a regular file, executing the truncate system call will enter the do_truncate() routine, causing the run_lock uninitialized error reported by syzbot. Prior to patch 4e8011ffec79, if the inode mode of $Extend was not set to a regular file, the do_truncate() routine would not be entered. Add the run_lock initialization when loading $Extend. syzbot reported: INFO: trying to register non-static key. Call Trace: dump_stack_lvl+0x189/0x250 lib/dump_stack.c:120 assign_lock_key+0x133/0x150 kernel/locking/lockdep.c:984 register_lock_class+0x105/0x320 kernel/locking/lockdep.c:1299 __lock_acquire+0x99/0xd20 kernel/locking/lockdep.c:5112 lock_acquire+0x120/0x360 kernel/locking/lockdep.c:5868 down_write+0x96/0x1f0 kernel/locking/rwsem.c:1590 ntfs_set_size+0x140/0x200 fs/ntfs3/inode.c:860 ntfs_extend+0x1d9/0x970 fs/ntfs3/file.c:387 ntfs_setattr+0x2e8/0xbe0 fs/ntfs3/file.c:808 The Linux kernel CVE team has assigned CVE-2025-68369 to this issue. Affected and fixed versions =========================== Issue introduced in 6.12.58 with commit 37f65e68ba9852dc51c78dbb54a9881c3f0fe4f7 and fixed in 6.12.63 with commit 6e17555728bc469d484c59db4a0abc65c19bc315 Issue introduced in 6.17.8 with commit 57534db1bbc4ca772393bb7d92e69d5e7b9051cf and fixed in 6.17.13 with commit 19164d8228317f3f1fe2662a9ba587cfe3b2d29e Issue introduced in 6.18 with commit 4e8011ffec79717e5fdac43a7e79faf811a384b7 and fixed in 6.18.2 with commit ab5e8ebeee1caa4fcf8be7d8d62c0a7165469076 Issue introduced in 6.18 with commit 4e8011ffec79717e5fdac43a7e79faf811a384b7 and fixed in 6.19-rc1 with commit be99c62ac7e7af514e4b13f83c891a3cccefaa48 Issue introduced in 5.15.197 with commit 63eb6730ce0604d3eacf036c2f68ea70b068317c Issue introduced in 6.1.159 with commit 78d46f5276ed3589aaaa435580068c5b62efc921 Issue introduced in 6.6.117 with commit 17249b2a65274f73ed68bcd1604e08a60fd8a278 Please see https://www.kernel.org for a full list of currently supported kernel versions by the kernel community. Unaffected versions might change over time as fixes are backported to older supported kernel versions. The official CVE entry at https://cve.org/CVERecord/?id=CVE-2025-68369 will be updated if fixes are backported, please check that for the most up to date information about this issue. Affected files ============== The file(s) affected by this issue are: fs/ntfs3/inode.c Mitigation ========== The Linux kernel CVE team recommends that you update to the latest stable kernel version for this, and many other bugfixes. Individual changes are never tested alone, but rather are part of a larger kernel release. Cherry-picking individual commits is not recommended or supported by the Linux kernel community at all. If however, updating to the latest release is impossible, the individual changes to resolve this issue can be found at these commits: https://git.kernel.org/stable/c/6e17555728bc469d484c59db4a0abc65c19bc315 https://git.kernel.org/stable/c/19164d8228317f3f1fe2662a9ba587cfe3b2d29e https://git.kernel.org/stable/c/ab5e8ebeee1caa4fcf8be7d8d62c0a7165469076 https://git.kernel.org/stable/c/be99c62ac7e7af514e4b13f83c891a3cccefaa48
Powered by blists - more mailing lists