CVE-2025-71311 PUBLISHED

fs/ntfs3: Initialize new folios before use

Assigner: Linux
Reserved: 27.05.2026 Published: 27.05.2026 Updated: 27.05.2026

In the Linux kernel, the following vulnerability has been resolved:

fs/ntfs3: Initialize new folios before use

KMSAN reports an uninitialized value in longest_match_std(), invoked from ntfs_compress_write(). When new folios are allocated without being marked uptodate and ni_read_frame() is skipped because the caller expects the frame to be completely overwritten, some reserved folios may remain only partially filled, leaving the rest memory uninitialized.

Product Status

Vendor	Linux
Product	Linux
Versions	Default: unaffected affected from 584f60ba22f79c89e6708ab82a5b5d9b8fa21fb2 to dd6c81527d097b3b0bf5a15c2fdc9657d045144c (excl.) affected from 584f60ba22f79c89e6708ab82a5b5d9b8fa21fb2 to 5a30cc03bde169ad558695b26da6ea7e55f6194a (excl.) affected from 584f60ba22f79c89e6708ab82a5b5d9b8fa21fb2 to 41d79f8e2a36622d148719bf7c18b46ac1264284 (excl.) affected from 584f60ba22f79c89e6708ab82a5b5d9b8fa21fb2 to f223ebffa185cc8da934333c5a31ff2d4f992dc9 (excl.)

Vendor	Linux
Product	Linux
Versions	Default: affected Version 6.11 is affected unaffected from 0 to 6.11 (excl.) unaffected from 6.12.75 to 6.12.* (incl.) unaffected from 6.18.14 to 6.18.* (incl.) unaffected from 6.19.4 to 6.19.* (incl.) unaffected from 7.0 to * (incl.)

CVE-2025-71311 PUBLISHED

fs/ntfs3: Initialize new folios before use

Product Status

References