{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2025-39734", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "state": "PUBLISHED", "assignerShortName": "Linux", "dateReserved": "2025-04-16T07:20:57.119Z", "datePublished": "2025-09-07T15:16:22.015Z", "dateUpdated": "2025-09-29T05:58:20.676Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2025-09-29T05:58:20.676Z"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nRevert \"fs/ntfs3: Replace inode_trylock with inode_lock\"\n\nThis reverts commit 69505fe98f198ee813898cbcaf6770949636430b.\n\nInitially, conditional lock acquisition was removed to fix an xfstest bug\nthat was observed during internal testing. The deadlock reported by syzbot\nis resolved by reintroducing conditional acquisition. The xfstest bug no\nlonger occurs on kernel version 6.16-rc1 during internal testing. I\nassume that changes in other modules may have contributed to this."}], "affected": [{"product": "Linux", "vendor": "Linux", "defaultStatus": "unaffected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["fs/ntfs3/file.c"], "versions": [{"version": "e3e3b3eb54feaf6400800812c8d0f95a7213923d", "lessThan": "bec8109f957a6e193e52d1728799994c8005ca83", "status": "affected", "versionType": "git"}, {"version": "7a498fc945080bccc25fdc36f1d663798441158b", "lessThan": "1903a6c1f2818154f6bc87bceaaecafa92b6ac5c", "status": "affected", "versionType": "git"}, {"version": "53173e3865acb06f3e86c703696510c12fecc612", "lessThan": "a936be9b5f51c4d23f66fb673e9068c6b08104a4", "status": "affected", "versionType": "git"}, {"version": "69505fe98f198ee813898cbcaf6770949636430b", "lessThan": "b356ee013a79e7e3147bfe065de376706c5d2ee9", "status": "affected", "versionType": "git"}, {"version": "69505fe98f198ee813898cbcaf6770949636430b", "lessThan": "7ce6f83ca9d52c9245b7a017466fc4baa1241b0b", "status": "affected", "versionType": "git"}, {"version": "69505fe98f198ee813898cbcaf6770949636430b", "lessThan": "bd20733746263acaaf2a21881665db27ee4303d5", "status": "affected", "versionType": "git"}, {"version": "69505fe98f198ee813898cbcaf6770949636430b", "lessThan": "a49f0abd8959048af18c6c690b065eb0d65b2d21", "status": "affected", "versionType": "git"}, {"version": "d5ad80aabd5a76a5de52b7663b1f3223dd01ea38", "status": "affected", "versionType": "git"}]}, {"product": "Linux", "vendor": "Linux", "defaultStatus": "affected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["fs/ntfs3/file.c"], "versions": [{"version": "6.11", "status": "affected"}, {"version": "0", "lessThan": "6.11", "status": "unaffected", "versionType": "semver"}, {"version": "5.15.190", "lessThanOrEqual": "5.15.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.1.148", "lessThanOrEqual": "6.1.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.6.102", "lessThanOrEqual": "6.6.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.12.42", "lessThanOrEqual": "6.12.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.15.10", "lessThanOrEqual": "6.15.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.16.1", "lessThanOrEqual": "6.16.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.17", "lessThanOrEqual": "*", "status": "unaffected", "versionType": "original_commit_for_fix"}]}], "cpeApplicability": [{"nodes": [{"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "5.15.165", "versionEndExcluding": "5.15.190"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "6.1.103", "versionEndExcluding": "6.1.148"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "6.6.44", "versionEndExcluding": "6.6.102"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "6.11", "versionEndExcluding": "6.12.42"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "6.11", "versionEndExcluding": "6.15.10"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "6.11", "versionEndExcluding": "6.16.1"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "6.11", "versionEndExcluding": "6.17"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "6.10.3"}]}]}], "references": [{"url": "https://git.kernel.org/stable/c/bec8109f957a6e193e52d1728799994c8005ca83"}, {"url": "https://git.kernel.org/stable/c/1903a6c1f2818154f6bc87bceaaecafa92b6ac5c"}, {"url": "https://git.kernel.org/stable/c/a936be9b5f51c4d23f66fb673e9068c6b08104a4"}, {"url": "https://git.kernel.org/stable/c/b356ee013a79e7e3147bfe065de376706c5d2ee9"}, {"url": "https://git.kernel.org/stable/c/7ce6f83ca9d52c9245b7a017466fc4baa1241b0b"}, {"url": "https://git.kernel.org/stable/c/bd20733746263acaaf2a21881665db27ee4303d5"}, {"url": "https://git.kernel.org/stable/c/a49f0abd8959048af18c6c690b065eb0d65b2d21"}], "title": "Revert \"fs/ntfs3: Replace inode_trylock with inode_lock\"", "x_generator": {"engine": "bippy-1.2.0"}}}}

{}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nRevert \"fs/ntfs3: Replace inode_trylock with inode_lock\"\n\nThis reverts commit 69505fe98f198ee813898cbcaf6770949636430b.\n\nInitially, conditional lock acquisition was removed to fix an xfstest bug\nthat was observed during internal testing. The deadlock reported by syzbot\nis resolved by reintroducing conditional acquisition. The xfstest bug no\nlonger occurs on kernel version 6.16-rc1 during internal testing. I\nassume that changes in other modules may have contributed to this."}], "id": "CVE-2025-39734", "lastModified": "2025-09-08T16:25:38.810", "metrics": {}, "published": "2025-09-07T16:15:50.370", "references": [{"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/1903a6c1f2818154f6bc87bceaaecafa92b6ac5c"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/7ce6f83ca9d52c9245b7a017466fc4baa1241b0b"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/a49f0abd8959048af18c6c690b065eb0d65b2d21"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/a936be9b5f51c4d23f66fb673e9068c6b08104a4"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/b356ee013a79e7e3147bfe065de376706c5d2ee9"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/bd20733746263acaaf2a21881665db27ee4303d5"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/bec8109f957a6e193e52d1728799994c8005ca83"}], "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "vulnStatus": "Awaiting Analysis"}

{"bugzilla": {"description": "kernel: Revert \"fs/ntfs3: Replace inode_trylock with inode_lock\"", "id": "2393732", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2393732"}, "csaw": false, "cvss3": {"cvss3_base_score": "5.5", "cvss3_scoring_vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "status": "draft"}, "details": ["No description is available for this CVE."], "name": "CVE-2025-39734", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:10", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 10"}, {"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 9"}], "public_date": "2025-09-07T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2025-39734\nhttps://nvd.nist.gov/vuln/detail/CVE-2025-39734\nhttps://lore.kernel.org/linux-cve-announce/2025090731-CVE-2025-39734-efa5@gregkh/T"], "threat_severity": "Moderate"}

{"created": "2025-09-08T15:17:38.588348+00:00", "updated": "2025-09-08T15:17:38.588395+00:00", "vendors": ["linux", "linux$PRODUCT$linux_kernel"]}