5.18.2

CVSS 5.5 - MEDIUM

Attack vector

LOCAL

Attack complexity

LOW

Privileges required

LOW

Confidentiality impact

NONE

Integrity impact

NONE

Availability impact

HIGH

local

low complexity

linux

CWE-401

NVD

Published: 2025-02-26

Updated: 2025-03-10

Summary

In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: provide block_invalidate_folio to fix memory leak The ntfs3 filesystem lacks the 'invalidate_folio' method and it causes memory leak. If you write to the filesystem and then unmount it, the cached written data are not freed and they are permanently leaked.

Vulnerable Configurations

Part	Description	Count
OS	Linux Linux Linux Kernel 5.18.1 Linux Linux Kernel 5.18.2	2

Common Weakness Enumeration (CWE)

CWE-401 - Improper Release of Memory Before Removing Last Reference ('Memory Leak')

References

https://git.kernel.org/stable/c/0753245a72ec99824677586499ee2e0919164b3f
https://git.kernel.org/stable/c/724bbe49c5e427cb077357d72d240a649f2e4054