A crafted NTFS image with an unallocated bitmap can lead to a endless recursive function call chain (starting from ntfs_attr_pwrite), causing stack consumption in NTFS-3G < 2021.8.22.

References

github.com/tuxera/ntfs-3g/releases

github.com/tuxera/ntfs-3g/security/advisories/GHSA-q759-8j5v-q5jp

lists.debian.org/debian-lts-announce/2021/11/msg00013.html

security.gentoo.org/glsa/202301-01

www.debian.org/security/2021/dsa-4971

cnvd 1

nvd 1

prion 1

redhatcve 1

veracode 1

alpinelinux 1

cbl_mariner 1

debiancve 1

ubuntucve 1

cve 1

osv 24

nessus 16

slackware 1

debian 3

altlinux 1

openvas 6

suse 2

mageia 1

redhat 3

gentoo 1

almalinux 1

rocky 1

oraclelinux 1

cnvd

Tuxera NTFS-3G has an unspecified vulnerability

2021-10-29 00:00:00

nvd

CVE-2021-39257

2021-09-07 15:15:08

prion

Code injection

2021-09-07 15:15:00

redhatcve

CVE-2021-39257

2021-09-06 18:04:11

veracode

Denial Of Service

2021-09-08 15:35:46

alpinelinux

CVE-2021-39257

2021-09-07 15:15:00

cbl_mariner

CVE-2021-39257 affecting package ntfs-3g for versions less than 2021.8.22-1

2022-04-26 19:57:41

debiancve

CVE-2021-39257

2021-09-07 15:15:08

ubuntucve

CVE-2021-39257

2021-09-07 00:00:00

cve

CVE-2021-39257

2021-09-07 15:15:08

osv

CVE-2021-33289

2021-09-07 14:15:11

CVE-2021-35268

2021-09-07 14:15:11

CVE-2021-35266

2021-09-07 15:15:07

nessus

Debian DLA-2819-1 : ntfs-3g - LTS security update

2021-11-17 00:00:00

openSUSE 15 Security Update : ntfs-3g_ntfsprogs (openSUSE-SU-2021:2971-1)

2021-09-08 00:00:00

Debian DSA-4971-1 : ntfs-3g - security update

2021-09-09 00:00:00

slackware

[slackware-security] ntfs-3g

2021-08-31 21:01:05

debian

[SECURITY] [DLA 2819-1] ntfs-3g security update

2021-11-16 22:56:32

[SECURITY] [DSA 4971-1] ntfs-3g security update

2021-09-09 19:15:24

[SECURITY] [DSA 4971-1] ntfs-3g security update

2021-09-09 19:15:24

altlinux

Security fix for the ALT Linux 9 package ntfs-3g version 2:2021.8.22-alt1

2021-09-10 00:00:00

openvas

Mageia: Security Advisory (MGASA-2022-0001)

2022-01-28 00:00:00

Slackware: Security Advisory (SSA:2021-243-01)

2022-04-21 00:00:00

Debian: Security Advisory (DLA-2819-1)

2021-11-18 00:00:00

suse

Security update for ntfs-3g_ntfsprogs (important)

2021-09-09 00:00:00

Security update for ntfs-3g_ntfsprogs (important)

2021-09-07 00:00:00

mageia

Updated ntfs-3g packages fix security vulnerability

2022-01-03 10:36:40

redhat

(RHSA-2021:3704) Moderate: virt:8.2 and virt-devel:8.2 security update

2021-09-30 18:28:50

(RHSA-2021:3703) Moderate: virt:av and virt-devel:av security and bug fix update

2021-09-30 16:19:56

(RHSA-2022:1759) Moderate: virt:rhel and virt-devel:rhel security, bug fix, and enhancement update

2022-05-10 07:59:57

gentoo

NTFS-3G: Multiple Vulnerabilities

2023-01-11 00:00:00

almalinux

Moderate: virt:rhel and virt-devel:rhel security, bug fix, and enhancement update

2022-05-10 07:59:57

rocky

virt:rhel and virt-devel:rhel security, bug fix, and enhancement update

2022-05-10 07:59:57

oraclelinux

virt:ol and virt-devel:ol security, bug fix, and enhancement update

2022-05-17 00:00:00

Solutions

Vulnerabilities intelligence
Perimeter control tool
Linux scanner
Windows scanner
Developers SDK
Security Intelligence feeds

Database

Vulnerabilities
Exploits
Security News
BugBounty
Wild Exploited
Top Vulnerabilities
CVE Feed

Resources

Statics & Sources
Plugins
API docs
FAQ
Blog
Glossary

Company

About
Contacts
Pricing
EULA
Privacy Policy
Submission Policy
OpenSource

@2024 Vulners Inc

AI Score

6.5

Confidence

High

EPSS

Percentile

14.2%

JSON

Related for CVELIST:CVE-2021-39257