Impact
The vulnerability resides in the NTFS3 file system driver in the Linux kernel. When a file is truncated to a smaller size, the kernel calls attr_set_size() to adjust the inode size; if this call fails, the error is silently ignored. As a result, the inode metadata can be left in an inconsistent state, which can corrupt file data, cause data loss, or in the worst case provoke a file‑system‑level denial of service as corrupted inodes propagate through the file system. This weakness is a failure to properly handle an error condition and is identified as CWE‑390.
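The ignored-error pattern described above, shown as an added user-space C model; this is not the kernel's NTFS3 code and not part of the original page. All names (model_inode, model_attr_set_size, truncate_ignoring_error, truncate_checked) are hypothetical, and the model assumes the caller goes on to update its own size field after the error is dropped.

```c
#include <errno.h>
#include <stdio.h>

/* Simplified model: two size fields that must stay in agreement. */
struct model_inode {
    long i_size;    /* size the caller tracks for the file */
    long attr_size; /* size recorded in the data attribute */
};

/* Stand-in for the resize step; fail_with != 0 simulates a failure
 * (for example ENOSPC) that leaves the attribute unchanged. */
static int model_attr_set_size(struct model_inode *ni, long new_size, int fail_with)
{
    if (fail_with)
        return -fail_with;
    ni->attr_size = new_size;
    return 0;
}

/* CWE-390 shape: the return value is discarded and the truncate
 * continues as if the resize had succeeded. */
int truncate_ignoring_error(struct model_inode *ni, long new_size, int fail_with)
{
    model_attr_set_size(ni, new_size, fail_with); /* error dropped */
    ni->i_size = new_size;
    return 0; /* caller is told the truncate worked */
}

/* Hardened shape: stop on failure, leave the inode untouched,
 * and hand the error back to the caller. */
int truncate_checked(struct model_inode *ni, long new_size, int fail_with)
{
    int err = model_attr_set_size(ni, new_size, fail_with);
    if (err)
        return err;
    ni->i_size = new_size;
    return 0;
}

int sizes_consistent(const struct model_inode *ni)
{
    return ni->i_size == ni->attr_size;
}

int main(void)
{
    struct model_inode a = { 4096, 4096 }, b = { 4096, 4096 }; /* constructed sample state */
    int ra = truncate_ignoring_error(&a, 1024, ENOSPC);
    int rb = truncate_checked(&b, 1024, ENOSPC);
    printf("ignored: ret=%d consistent=%d\n", ra, sizes_consistent(&a));
    printf("checked: ret=%d consistent=%d\n", rb, sizes_consistent(&b));
    return 0;
}
```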
Affected Systems
All Linux kernel releases that contain the NTFS3 implementation before the fix identified by commit 576248a34b9 are affected. The flaw impacts any system that mounts an NTFS3 partition, whether it is on internal storage, removable media, or network‑attached storage presented to the kernel. The vulnerability is not confined to a particular distribution but applies to every Linux distribution shipping a kernel older than the patched release.
Risk and Exploitability
The CVSS score of 5.5 indicates moderate severity. The EPSS score of < 1% reflects a very low but non‑zero likelihood of exploitation, and the flaw is not listed in the CISA KEV catalog. The attack surface is local: an attacker must have write access to a file on an NTFS3 mount and then perform a truncation operation that fails. Because the error is ignored, the attacker can induce corruption of inode metadata, leading to data loss or interruption of services that depend on the affected files or volume. There is no evidence that the flaw can be exploited for privilege escalation or remote code execution, but the potential for data integrity loss warrants immediate remediation.
OpenCVE Enrichment