logo
DATABASE RESOURCES PRICING ABOUT US

NTFS-3G: Remote code execution, possible privilege escalation

Description

### Background NTFS-3G is a stable, full-featured, read-write NTFS driver for various operating systems. ### Description An integer underflow issue exists in NTFS-3G which may cause a heap buffer overflow with crafted input. ### Impact A remote attacker may be able to execute arbitrary code while a local attacker may be able to escalate privileges. ### Workaround There is no known workaround at this time. ### Resolution All NTFS-3G users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose ">=sys-fs/ntfs3g-2017.3.23-r3"


Affected Package


OS OS Version Package Name Package Version
Gentoo any sys-fs/ntfs3g 2017.3.23-r3

Related