CVE-2025-71289

medium

Description

In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: handle attr_set_size() errors when truncating files If attr_set_size() fails while truncating down, the error is silently ignored and the inode may be left in an inconsistent state.

References

https://git.kernel.org/stable/c/d73dcd1520d65a34420761641a36b951b14c8c53

https://git.kernel.org/stable/c/6dfea43d11513b7f2892529de55e8f0855108a2c

https://git.kernel.org/stable/c/576248a34b927e93b2fd3fff7df735ba73ad7d01

https://git.kernel.org/stable/c/3a718675d6af4992e34ffe86b8f36d471a5afe0e

Details

Source: Mitre, NVD

Published: 2026-05-06

Updated: 2026-06-01

Risk Information

CVSS v2

Base Score: 4.6

Vector: CVSS2#AV:L/AC:L/Au:S/C:N/I:N/A:C

Severity: Medium

CVSS v3

Base Score: 5.5

Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Severity: Medium

EPSS

EPSS: 0.00018