logo
DATABASE RESOURCES PRICING ABOUT US

Amazon Linux 2 : libguestfs-winsupport (ALAS-2020-1522)

Description

The version of tested product installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2020-1522 advisory. - An integer underflow issue exists in ntfs-3g 2017.3.23. A local attacker could potentially exploit this by running /bin/ntfs-3g with specially crafted arguments from a specially crafted directory to cause a heap buffer overflow, resulting in a crash or the ability to execute arbitrary code. In installations where /bin/ntfs-3g is a setuid-root binary, this could lead to a local escalation of privileges. (CVE-2019-9755) Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.


Related