{"id":"CVE-2026-45864","summary":"fs/ntfs3: prevent infinite loops caused by the next valid being the same","details":"In the Linux kernel, the following vulnerability has been resolved:\n\nfs/ntfs3: prevent infinite loops caused by the next valid being the same\n\nWhen processing valid within the range [valid : pos), if valid cannot\nbe retrieved correctly, for example, if the retrieved valid value is\nalways the same, this can trigger a potential infinite loop, similar\nto the hung problem reported by syzbot [1].\n\nAdding a check for the valid value within the loop body, and terminating\nthe loop and returning -EINVAL if the value is the same as the current\nvalue, can prevent this.\n\n[1]\nINFO: task syz.4.21:6056 blocked for more than 143 seconds.\nCall Trace:\n rwbase_write_lock+0x14f/0x750 kernel/locking/rwbase_rt.c:244\n inode_lock include/linux/fs.h:1027 [inline]\n ntfs_file_write_iter+0xe6/0x870 fs/ntfs3/file.c:1284","modified":"2026-06-27T11:55:11.637381660Z","published":"2026-05-27T12:15:43.807Z","database_specific":{"cna_assigner":"Linux","osv_generated_from":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2026/45xxx/CVE-2026-45864.json"},"references":[{"type":"WEB","url":"https://git.kernel.org/stable/c/27b75ca4e51e3e4554dc85dbf1a0246c66106fd3"},{"type":"WEB","url":"https://git.kernel.org/stable/c/4bf3bafb8e0635ed93e3cd4156dcbcc0fb960cb4"},{"type":"WEB","url":"https://git.kernel.org/stable/c/50c822fcb36768f1fb356f05b02a2248ef81936d"},{"type":"WEB","url":"https://git.kernel.org/stable/c/6d93239b4fc479f7c0a412dd196ec0ca2672d14a"},{"type":"WEB","url":"https://git.kernel.org/stable/c/71c8b966ec56e13c02388c1312910588bb49be7a"},{"type":"WEB","url":"https://git.kernel.org/stable/c/a47a2bb9aa6455d5cee1045814a60c749309c92b"},{"type":"WEB","url":"https://git.kernel.org/stable/c/b97e371e5d1c13d722335d46eb8bc1a22b272a0e"},{"type":"ADVISORY","url":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2026/45xxx/CVE-2026-45864.json"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2026-45864"},{"type":"PACKAGE","url":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","events":[{"introduced":"4342306f0f0d5ff4315a204d315c1b51b914fca5"},{"fixed":"50c822fcb36768f1fb356f05b02a2248ef81936d"},{"fixed":"6d93239b4fc479f7c0a412dd196ec0ca2672d14a"},{"fixed":"71c8b966ec56e13c02388c1312910588bb49be7a"},{"fixed":"b97e371e5d1c13d722335d46eb8bc1a22b272a0e"},{"fixed":"4bf3bafb8e0635ed93e3cd4156dcbcc0fb960cb4"},{"fixed":"a47a2bb9aa6455d5cee1045814a60c749309c92b"},{"fixed":"27b75ca4e51e3e4554dc85dbf1a0246c66106fd3"}]}],"database_specific":{"source":"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2026-45864.json"}},{"package":{"name":"Kernel","ecosystem":"Linux"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"5.15.0"},{"fixed":"5.15.202"}]},{"type":"ECOSYSTEM","events":[{"introduced":"5.16.0"},{"fixed":"6.1.165"}]},{"type":"ECOSYSTEM","events":[{"introduced":"6.2.0"},{"fixed":"6.6.128"}]},{"type":"ECOSYSTEM","events":[{"introduced":"6.7.0"},{"fixed":"6.12.75"}]},{"type":"ECOSYSTEM","events":[{"introduced":"6.13.0"},{"fixed":"6.18.14"}]},{"type":"ECOSYSTEM","events":[{"introduced":"6.19.0"},{"fixed":"6.19.4"}]}],"database_specific":{"source":"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2026-45864.json"}}],"schema_version":"1.7.5"}