CVE-2025-68369

See a problem?
Please try reporting it to the source first.
Source
https://cve.org/CVERecord?id=CVE-2025-68369
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2025-68369.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2025-68369
Downstream
Related
Published
2025-12-24T10:32:55.440Z
Modified
2026-02-04T02:55:14.961425Z
Summary
ntfs3: init run lock for extend inode
Details

In the Linux kernel, the following vulnerability has been resolved:

ntfs3: init run lock for extend inode

After setting the inode mode of $Extend to a regular file, executing the truncate system call will enter the dotruncate() routine, causing the runlock uninitialized error reported by syzbot.

Prior to patch 4e8011ffec79, if the inode mode of $Extend was not set to a regular file, the do_truncate() routine would not be entered.

Add the run_lock initialization when loading $Extend.

syzbot reported: INFO: trying to register non-static key. Call Trace: dumpstacklvl+0x189/0x250 lib/dumpstack.c:120 assignlockkey+0x133/0x150 kernel/locking/lockdep.c:984 registerlockclass+0x105/0x320 kernel/locking/lockdep.c:1299 _lockacquire+0x99/0xd20 kernel/locking/lockdep.c:5112 lockacquire+0x120/0x360 kernel/locking/lockdep.c:5868 downwrite+0x96/0x1f0 kernel/locking/rwsem.c:1590 ntfssetsize+0x140/0x200 fs/ntfs3/inode.c:860 ntfsextend+0x1d9/0x970 fs/ntfs3/file.c:387 ntfs_setattr+0x2e8/0xbe0 fs/ntfs3/file.c:808

Database specific 
{
    "cna_assigner": "Linux",
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2025/68xxx/CVE-2025-68369.json"
}
References

Affected packages

Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git

Affected ranges

Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
63eb6730ce0604d3eacf036c2f68ea70b068317c
Fixed
79c8a77b1782e2ace96d063be3c41ba540d1e20a
Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
78d46f5276ed3589aaaa435580068c5b62efc921
Fixed
433d1f7c628c3cbdd7efce064d6c7acd072cf6c4
Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
17249b2a65274f73ed68bcd1604e08a60fd8a278
Fixed
907bf69c6b6ce5d038eec7a599d67b45b62624bc
Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
37f65e68ba9852dc51c78dbb54a9881c3f0fe4f7
Fixed
6e17555728bc469d484c59db4a0abc65c19bc315
Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
57534db1bbc4ca772393bb7d92e69d5e7b9051cf
Fixed
19164d8228317f3f1fe2662a9ba587cfe3b2d29e
Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
4e8011ffec79717e5fdac43a7e79faf811a384b7
Fixed
ab5e8ebeee1caa4fcf8be7d8d62c0a7165469076
Fixed
be99c62ac7e7af514e4b13f83c891a3cccefaa48

Affected versions

v5.*
v5.15.197
v6.*
v6.1.159
v6.12.58
v6.12.59
v6.12.60
v6.12.61
v6.12.62
v6.17
v6.17-rc2
v6.17-rc3
v6.17-rc4
v6.17-rc5
v6.17-rc6
v6.17-rc7
v6.17.10
v6.17.11
v6.17.12
v6.17.8
v6.17.9
v6.18
v6.18-rc1
v6.18-rc2
v6.18-rc3
v6.18-rc4
v6.18-rc5
v6.18-rc6
v6.18-rc7
v6.18.1
v6.6.117
v6.6.118
v6.6.119

Database specific

source 
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2025-68369.json"

Linux / Kernel

Package

Name
Kernel

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
5.15.198
Type
ECOSYSTEM
Events
Introduced
5.16.0
Fixed
6.1.160
Type
ECOSYSTEM
Events
Introduced
6.2.0
Fixed
6.6.120
Type
ECOSYSTEM
Events
Introduced
6.7.0
Fixed
6.12.63
Type
ECOSYSTEM
Events
Introduced
6.13.0
Fixed
6.17.13
Type
ECOSYSTEM
Events
Introduced
6.18.0
Fixed
6.18.2

Database specific

source 
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2025-68369.json"