CVE-2025-71289

EUVD-2025-209678
In the Linux kernel, the following vulnerability has been resolved:

fs/ntfs3: handle attr_set_size() errors when truncating files

If attr_set_size() fails while truncating down, the error is silently
ignored and the inode may be left in an inconsistent state.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
5.5 MEDIUM
LOCAL
LOW
LOW
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Base Score
CVSS 3.x
EPSS Score
Percentile: 2%
Affected Products (NVD)
VendorProductVersion
linuxlinux_kernel
5.15 ≤
𝑥
< 6.19.6
𝑥
= Vulnerable software versions
Debian logo
Debian Releases
Debian Product
Codename
linux
bookworm
vulnerable
bookworm (security)
vulnerable
bullseye
5.10.223-1
fixed
bullseye (security)
5.10.257-1
fixed
forky
7.0.12-2
fixed
sid
7.0.13-1
fixed
trixie
vulnerable
trixie (security)
6.12.94-1
fixed
Vulnerability Media Exposure
References
https://git.kernel.org/stable/c/3a718675d6af4992e34ffe86b8f36d471a5afe0e
https://git.kernel.org/stable/c/576248a34b927e93b2fd3fff7df735ba73ad7d01
https://git.kernel.org/stable/c/6dfea43d11513b7f2892529de55e8f0855108a2c
https://git.kernel.org/stable/c/d73dcd1520d65a34420761641a36b951b14c8c53