What is CVE-2025-71312?

CVE-2025-71312 is a unscored severity Linux kernel vulnerability, affecting Linux kernel versions from 6.19 onward and patched in 6.19.4 and 7.0. CVE-2025-71312 has not been confirmed as actively exploited and is not listed in the CISA KEV catalog.

What is the CVSS score for CVE-2025-71312?

CVE-2025-71312 has a CVSS score of pending NVD analysis out of 10, rated awaiting scoring severity.

Is there a patch available for CVE-2025-71312?

Yes, CVE-2025-71312 has been patched. Fixed versions include 6.19.4 and 7.0. If you are running Linux kernel 6.19 or later up to the fix versions, apply the relevant patch for your kernel branch.

Is CVE-2025-71312 actively exploited?

CVE-2025-71312 has not been confirmed as actively exploited and is not listed in the CISA KEV catalog.

CVE-2025-71312

In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: fix ntfs_mount_options leak in ntfs_fill_super() In ntfs_fill_super(), the fc->fs_private pointer is set to NULL without first freeing the memory it points to. This causes the subsequent call to ntfs_fs_free() to skip freeing the ntfs_mount_options structure. This results in a kmemleak report: unreferenced object 0xff1100015378b800 (size 32): comm "mount", pid 582, jiffies 4294890685 hex dump (first 32 bytes): 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ 00 00 00 00 00 00 00 00 ed ff ed ff 00 04 00 00 ................ backtrace (crc ed541d8c): __kmalloc_cache_noprof+0x424/0x5a0 __ntfs_init_fs_context+0x47/0x590 alloc_fs_context+0x5d8/0x960 __x64_sys_fsopen+0xb1/0x190 do_syscall_64+0x50/0x1f0 entry_SYSCALL_64_after_hwframe+0x76/0x7e This issue can be reproduced using the following commands: fallocate -l 100M test.file mount test.file /tmp/test Since sbi->options is duplicated from fc->fs_private and does not directly use the memory allocated for fs_private, it is unnecessary to set fc->fs_private to NULL. Additionally, this patch simplifies the code by utilizing the helper function put_mount_options() instead of open-coding the cleanup logic.

Package Linux Kernel

Published 2026-05-27

Last modified 2026-05-27

Patch available

Yes

Affected versions

Linux kernel versions 6.19 and later are affected. Fixed in 6.19.4, 7.0 and their respective stable series.

Affected from

≥ 6.19

Fixed in

✓ 6.19.4 6.19.x ✓ 7.0

References

The following references provide additional information about CVE-2025-71312 including vendor advisories, patch commits, exploit details, and third-party analysis. Links are sourced from the NIST NVD database.

Kernel patch commit
https://git.kernel.org/stable/c/dac871d833b09495198dcac81d2ebaa8db11acbc
Patch
Kernel patch commit
https://git.kernel.org/stable/c/f7edab0cee03a1cbe0e55a7bcab8d2d8b6b74278
Patch

Frequently asked questions

What is CVE-2025-71312?

CVE-2025-71312 is a unscored severity Linux kernel vulnerability . It affects Linux kernel versions from 6.19 onward and has been patched in 6.19.4 and 7.0. CVE-2025-71312 has not been confirmed as actively exploited and is not listed in the CISA KEV catalog.
Is there a patch available for CVE-2025-71312?

Yes — CVE-2025-71312 has been patched. Fixed versions include 6.19.4 and 7.0. If you are running Linux kernel 6.19 or later up to the fix versions, apply the relevant patch for your kernel branch.
Is CVE-2025-71312 actively exploited?

No — CVE-2025-71312 has not been confirmed as actively exploited. It is not listed in the CISA Known Exploited Vulnerabilities (KEV) catalog.