Description

In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: Prevent integer overflow in hdr_first_de() The "de_off" and "used" variables come from the disk so they both need to check. The problem is that on 32bit systems if they're both greater than UINT_MAX - 16 then the check does work as intended because of an integer overflow.

INFO

Published Date :

2025-04-16T14:12:29.886Z

Last Modified :

2025-10-01T16:15:44.922Z

Source :

Linux
AFFECTED PRODUCTS

The following products are affected by CVE-2025-22080 vulnerability.

Vendors Products
Linux
  • Linux Kernel
REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2025-22080.

URL Resource
https://git.kernel.org/stable/c/201a2bdda13b619c4927700ffe47d387a30ced50 cve-icon cve-icon
https://git.kernel.org/stable/c/6bb81b94f7a9cba6bde9a905cef52a65317a8b04 cve-icon cve-icon
https://git.kernel.org/stable/c/85615aa442830027923fc690390fa74d17b36ae1 cve-icon cve-icon
https://git.kernel.org/stable/c/b9982065b82b4177ba3a7a72ce18c84921f7494d cve-icon cve-icon
https://git.kernel.org/stable/c/f6d44b1aa46d317e52c21fb9314cfb20dd69e7b0 cve-icon cve-icon
https://lore.kernel.org/linux-cve-announce/2025041613-CVE-2025-22080-a4ec@gregkh/T cve-icon
https://nvd.nist.gov/vuln/detail/CVE-2025-22080 cve-icon
https://www.cve.org/CVERecord?id=CVE-2025-22080 cve-icon
Login to claim this CVE

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality Impact
Integrity Impact
Availability Impact