CVE-2025-40307 exfat: validate cluster allocation bits of the allocation bitmap

In the Linux kernel, the following vulnerability has been resolved: exfat: validate cluster allocation bits of the allocation bitmap syzbot created an exfat image with cluster bits not set for the allocation bitmap. exfat-fs reads and uses the allocation bitmap without checking this. The problem ...

CVE-2025-40307

CVE-2025-40307 affects the Linux kernel exFAT filesystem implementation. The vulnerability arises from validating the allocation bitmap for the exfat cluster allocation, enabling a scenario where, if the allocation bitmap start cluster is 6, cluster 6 could be allocated during mkdir, causing dele...

CVE-2025-40307 exfat: validate cluster allocation bits of the allocation bitmap

In the Linux kernel, the following vulnerability has been resolved: exfat: validate cluster allocation bits of the allocation bitmap syzbot created an exfat image with cluster bits not set for the allocation bitmap. exfat-fs reads and uses the allocation bitmap without checking this. The problem ...