Linux Distros Unpatched Vulnerability : CVE-2025-71312

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: fix ntfsmountoptions leak in ntfsfillsuper In ntfsfillsuper, the fc-fsprivate...

SUSE CVE-2025-71312

In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: fix ntfsmountoptions leak in ntfsfillsuper In ntfsfillsuper, the fc-fsprivate pointer is set to NULL without first freeing the memory it points to. This causes the subsequent call to ntfsfsfree to skip freeing the...

EUVD-2025-209966

In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: fix ntfsmountoptions leak in ntfsfillsuper In ntfsfillsuper, the fc-fsprivate pointer is set to NULL without first freeing the memory it points to. This causes the subsequent call to ntfsfsfree to skip freeing the...

CVE-2025-71312

In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: fix ntfsmountoptions leak in ntfsfillsuper In ntfsfillsuper, the fc-fsprivate pointer is set to NULL without first freeing the memory it points to. This causes the subsequent call to ntfsfsfree to skip freeing the...

CVE-2025-71312 fs/ntfs3: fix ntfs_mount_options leak in ntfs_fill_super()

In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: fix ntfsmountoptions leak in ntfsfillsuper In ntfsfillsuper, the fc-fsprivate pointer is set to NULL without first freeing the memory it points to. This causes the subsequent call to ntfsfsfree to skip freeing the...

CVE-2025-71312

fs/ntfs3: fix ntfsmountoptions leak in ntfsfillsuper...

UBUNTU-CVE-2025-71067

In the Linux kernel, the following vulnerability has been resolved: ntfs: set dummy blocksize to read bootblock when mounting When mounting, sb-sblocksize is used to read the bootblock without being defined or validated. Set a dummy blocksize before attempting to read the bootblock. The issue can...

CVE-2025-71067

The CVE-2025-71067 vulnerability affects the Linux kernel NTFS mounting path where sb->s_blocksize can remain zero when the block size of the block device exceeds PAGE_SIZE, causing ntfs_init_from_boot() to read the boot_block with an undefined/zero blocksize. The issue is triggered during mou...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from an ntfs mount that does not set the virtual block size to read the boot block, which could result in a read...

Linux Distros Unpatched Vulnerability : CVE-2025-71067

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ntfs: set dummy blocksize to read bootblock when mounting When mounting, sb-sblocksize is used to read the bootblock without being defined or validated. Set a...

PT-2025-53103

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 6.0.0-rc7 Description The Linux kernel contains a flaw in the NTFS3 file system implementation related to security initialization. Specifically, the sanity check for $SDH and $SII is insufficient, potentially...

CVE-2025-39691 fs/buffer: fix use-after-free when call bh_read() helper

In the Linux kernel, the following vulnerability has been resolved: fs/buffer: fix use-after-free when call bhread helper There's issue as follows: BUG: KASAN: stack-out-of-bounds in endbufferreadsync+0xe3/0x110 Read of size 8 at addr ffffc9000168f7f8 by task swapper/3/0 CPU: 3 UID: 0 PID: 0 Comm...

Microsoft Windows SMB Server (v1v2) - Mount Point Arbitrary Device Open Privilege Escalation

Microsoft Windows SMB Server v1v2 - Mount Point Arbitrary Device Open Privilege Escalation Windows: SMB Server v1 and v2 Mount Point Arbitrary Device Open EoP Platform: Windows 10 1703 and 1709 seems the same on 7 and 8.1 but not extensively tested Class: Elevation of Privilege Summary: The SMB...

Microsoft Windows SMB Server (v1/v2) - Mount Point Arbitrary Device Open Privilege Escalation

Windows: SMB Server v1 and v2 Mount Point Arbitrary Device Open EoP Platform: Windows 10 1703 and 1709 seems the same on 7 and 8.1 but not extensively tested Class: Elevation of Privilege Summary: The SMB server driver srv.sys and srv2.sys don't check the destination of a NTFS mount point when...

Microsoft Windows 10 - Sandboxed Mount Reparse Point Creation Mitigation Bypass (MS15-111)

Microsoft Windows 10 - Sandboxed Mount Reparse Point Creation Mitigation Bypass MS15-111 Source: https://code.google.com/p/google-security-research/issues/detail?id=486 Windows: Sandboxed Mount Reparse Point Creation Mitigation Bypass Platform: Windows 10 build 10240, earlier versions do not have...

Microsoft Windows 10 - Sandboxed Mount Reparse Point Creation Mitigation Bypass (MS15-111)

Source: https://code.google.com/p/google-security-research/issues/detail?id=486 Windows: Sandboxed Mount Reparse Point Creation Mitigation Bypass Platform: Windows 10 build 10240, earlier versions do not have the functionality Class: Security Feature Bypass Summary: A mitigation added to Windows ...

Windows 10^H^H Symbolic Link Mitigations

Posted by James Forshaw, abusing symbolic links like it’s 1999. For the past couple of years I’ve been researching Windows elevation of privilege attacks. This might be escaping sandboxing or gaining system privileges. One of the techniques I’ve used multiple times is abusing the symbolic link...