File Name Handling Vulnerability in Linux Kernel by Vendor Linux
CVE-2025-38707

Currently unrated

Key Information:

Vendor: Linux
Status: Linux
Vendor: CVE Published:; 4 September 2025

What is CVE-2025-38707?

A vulnerability has been identified in the Linux kernel's fs/ntfs3 module, where inadequate checks on file names may allow excessive lengths to exceed the directory entry size, potentially leading to unexpected behaviors or system instability. This issue underscores the significance of implementing proper name validation within file management systems to bolster overall system integrity.

Affected Version(s)

Linux 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2

Linux 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 < 3572737a768dadea904ebc4eb34b6ed575bb72d9

References

https://git.kernel.org/stable/c/bde58c1539f3ffddffc94d640...

https://git.kernel.org/stable/c/f99eb9a641f4ef927d8724f49...

https://git.kernel.org/stable/c/3572737a768dadea904ebc4eb...

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Sep 4, 2025
Vulnerability Reserved
Apr 16, 2025