CVE-2025-39691

CVE-2025-39691 (Linux kernel) is a use-after-free in fs/buffer when bh_read() is used during ntfs3 mount, where a stack variable map_bh passed to ntfs_get_block_vbo() may be freed before end_buffer_read_sync(), risking stack overrun on put_bh. The issue is triggered in the I/O path for buffer hea...