CVE-2025-71309

Published: May 27, 2026 · Updated: May 27, 2026

Official Description

In the Linux kernel, the following vulnerability has been resolved:

fs/ntfs3: fix deadlock in ni_read_folio_cmpr

Syzbot reported a task hung in ni_readpage_cmpr (now ni_read_folio_cmpr). This is caused by a lock inversion deadlock involving the inode mutex (ni_lock) and page locks.

Scenario:

1. Task A enters ntfs_read_folio() for page X. It acquires ni_lock.
2. Task A calls ni_read_folio_cmpr(), which attempts to lock all pages in the compressed frame (including page Y).
3. Concurrently, Task B (e.g., via readahead) has locked page Y and calls ntfs_read_folio().
4. Task B waits for ni_lock (held by A).
5. Task A waits for page Y lock (held by B).

-> DEADLOCK.

The fix is to restructure locking: do not take ni_lock in ntfs_read_folio(). Instead, acquire ni_lock inside ni_read_folio_cmpr() ONLY AFTER all required page locks for the frame have been successfully acquired. This restores the correct lock ordering (Page Lock -> ni_lock) consistent with VFS.

[[email protected]: ni_readpage_cmpr was renamed to ni_read_folio_cmpr]

NVD Source
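
The lock inversion in the scenario above can be shown with a small user-space lock-order checker. This is an added example, not code from the kernel or the patch: it replays the two tasks' acquisition sequences as described and flags an ABBA order. The names `PAGE_Y`, `NI_LOCK`, `acquire`, `run_task` and `check_read_paths` are hypothetical, and the model tracks only the two locks named in the description.

```c
#include <stdio.h>
#include <string.h>

/* Modeled locks (assumed names): the lock on page Y and the inode mutex. */
enum { PAGE_Y, NI_LOCK, NLOCKS };

static int order[NLOCKS][NLOCKS]; /* order[a][b] = 1: b was taken while a was held */
static int held[NLOCKS];          /* locks held by the task being replayed */

/* Record one acquisition; return 1 if it inverts an order seen earlier. */
static int acquire(int lock)
{
    int inverted = 0;
    for (int h = 0; h < NLOCKS; h++) {
        if (!held[h] || h == lock)
            continue;
        if (order[lock][h])
            inverted = 1;     /* another task took h while holding lock: ABBA */
        order[h][lock] = 1;
    }
    held[lock] = 1;
    return inverted;
}

/* Replay one task's acquisition sequence from a clean "held" state. */
static int run_task(const int *seq, int n)
{
    int bad = 0;
    memset(held, 0, sizeof(held));
    for (int i = 0; i < n; i++)
        bad |= acquire(seq[i]);
    return bad;
}

/* fixed = 0: ordering from the scenario; fixed = 1: ordering after the fix. */
int check_read_paths(int fixed)
{
    const int a_old[] = { NI_LOCK, PAGE_Y }; /* Task A: ni_lock, then page Y */
    const int locked_first[] = { PAGE_Y, NI_LOCK }; /* page lock, then ni_lock */
    memset(order, 0, sizeof(order));
    int bad = run_task(fixed ? locked_first : a_old, 2); /* Task A */
    bad |= run_task(locked_first, 2);                    /* Task B (readahead) */
    return bad;
}

int main(void)
{
    printf("pre-fix inversion:  %d\n", check_read_paths(0));
    printf("post-fix inversion: %d\n", check_read_paths(1));
    return 0;
}
```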

Technical Analysis

CVE-2025-71309 requires local access, meaning attackers must already have a foothold on the target system.

Exploitation requires some privileges, which limits the exposure to scenarios where an attacker has already gained initial access.

Affected Vendors & Products

Mentioned vendors (from description):
Linux
CPE data not yet available in NVD for this CVE.

Exploit & PoC Resources

NO KNOWN EXPLOIT: No public exploit confirmed at this time.

All References (2)

Quick Facts

CVE ID: CVE-2025-71309
Severity: NONE
CISA KEV: No
Published: May 27, 2026

Recommended Actions

  • Apply vendor patches immediately
  • Monitor CVE-2025-71309 in threat intel feeds
  • Review IDS/IPS signatures for exploitation attempts
Data sourced from NVD (NIST), CISA KEV, and EPSS (FIRST). Analysis generated by CTIWATCH.COM. CVE data is provided under the NVD usage policy.