Inconsistent State Vulnerability in Linux Kernel Affects NTFS File Handling
CVE-2025-71289

Currently unrated

Key Information:

Vendor: Linux
Status: Linux
Vendor: CVE Published:; 6 May 2026

What is CVE-2025-71289?

In the Linux kernel, a vulnerability exists in the NTFS file system handling that can lead to the inode being left in an inconsistent state. This issue arises when the attr_set_size() function encounters an error during file truncation and fails to report this error. As a result, the system silently ignores the failure, potentially leading to data integrity problems and unpredictable behavior.

Affected Version(s)

Linux 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 < 6dfea43d11513b7f2892529de55e8f0855108a2c

Linux 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 < 576248a34b927e93b2fd3fff7df735ba73ad7d01

Linux 6.19.6 <= 6.19.*

References

https://git.kernel.org/stable/c/6dfea43d11513b7f2892529de...

https://git.kernel.org/stable/c/576248a34b927e93b2fd3fff7...

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
May 6, 2026
Vulnerability Reserved
May 6, 2026

CVE-2025-71289 Data

JSON