CVE-2025-71266

In the Linux kernel, the following vulnerability has been resolved:<br /> <br /> fs: ntfs3: check return value of indx_find to avoid infinite loop<br /> <br /> We found an infinite loop bug in the ntfs3 file system that can lead to a<br /> Denial-of-Service (DoS) condition.<br /> <br /> A malformed dentry in the ntfs3 filesystem can cause the kernel to hang<br /> during the lookup operations. By setting the HAS_SUB_NODE flag in an<br /> INDEX_ENTRY within a directory&amp;#39;s INDEX_ALLOCATION block and manipulating the<br /> VCN pointer, an attacker can cause the indx_find() function to repeatedly<br /> read the same block, allocating 4 KB of memory each time. The kernel lacks<br /> VCN loop detection and depth limits, causing memory exhaustion and an OOM<br /> crash.<br /> <br /> This patch adds a return value check for fnd_push() to prevent a memory<br /> exhaustion vulnerability caused by infinite loops. When the index exceeds the<br /> size of the fnd-&gt;nodes array, fnd_push() returns -EINVAL. The indx_find()<br /> function checks this return value and stops processing, preventing further<br /> memory allocation.