CVE-2025-71267
Description
In the Linux kernel, the following vulnerability has been resolved:

fs: ntfs3: fix infinite loop triggered by zero-sized ATTR_LIST

We found an infinite loop bug in the ntfs3 file system that can lead to a Denial-of-Service (DoS) condition.

A malformed NTFS image can cause an infinite loop when an ATTR_LIST attribute indicates a zero data size while the driver allocates memory for it.

When ntfs_load_attr_list() processes a resident ATTR_LIST with data_size set to zero, it still allocates memory because of al_aligned(0). This creates an inconsistent state where ni->attr_list.size is zero, but ni->attr_list.le is non-null. This causes ni_enum_attr_ex to incorrectly assume that no attribute list exists and enumerates only the primary MFT record. When it finds ATTR_LIST, the code reloads it and restarts the enumeration, repeating indefinitely. The mount operation never completes, hanging the kernel thread.

This patch adds validation to ensure that data_size is non-zero before memory allocation. When a zero-sized ATTR_LIST is detected, the function returns -EINVAL, preventing a DoS vulnerability.
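The state machine described above, as an added user-space model; it is not the kernel's ntfs3 code. The struct, load_attr_list(), mount_model(), the restart cap and MODEL_HANG are assumptions made for illustration; only the zero-size check returning -EINVAL comes from the description.

```c
#include <errno.h>
#include <stddef.h>
#include <stdio.h>
#include <stdlib.h>

#define MODEL_HANG (-1000) /* model-only marker: the real loop has no cap */

/* Stand-in for ni->attr_list: size == 0 is read as "no list loaded". */
struct attr_list { size_t size; void *le; };

/* Model of the loader. patched != 0 adds the data_size validation. */
static int load_attr_list(struct attr_list *al, size_t data_size, int patched)
{
    if (patched && data_size == 0)
        return -EINVAL;                 /* reject before allocating */
    free(al->le);
    /* Assumption: allocation succeeds and is non-NULL even for size 0,
     * which reproduces the "size is zero, le is non-null" state. */
    al->le = malloc(data_size ? data_size : 1);
    if (!al->le)
        return -ENOMEM;
    al->size = data_size;
    return 0;
}

/* Model of the enumerate/reload/restart cycle during mount. */
static int mount_model(size_t data_size, int patched, int max_restarts)
{
    struct attr_list al = { 0, NULL };
    int restarts = 0, err = 0;

    while (al.size == 0) {              /* "no list": ATTR_LIST found, reload */
        if (restarts++ == max_restarts) { err = MODEL_HANG; break; }
        err = load_attr_list(&al, data_size, patched);
        if (err)
            break;                      /* patched path: mount fails cleanly */
    }
    free(al.le);
    return err;
}

int main(void)
{
    printf("valid list, unpatched: %d\n", mount_model(64, 0, 100));
    printf("zero size, unpatched:  %d\n", mount_model(0, 0, 100));
    printf("zero size, patched:    %d\n", mount_model(0, 1, 100));
    return 0;
}
```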
Risk Information
Associated Vulnerability
No records found
Patch Details
No records found
References
https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234