RedosROS-20240403-02ROS-20240403-02
7.8 High
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
8.3 High
AI Score
Confidence
High
7.2 High
CVSS2
Access Vector
LOCAL
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:L/Au:N/C:C/I:C/A:C
0.001 Low
EPSS
Percentile
20.5%
Vulnerability of ntfs_names_full_collate function of NTFS file system for NTFS-3G FUSE module is related to
buffer overflow in dynamic memory. Exploitation of the vulnerability could allow an attacker to execute
arbitrary code with elevated privileges using a specially crafted NTFS image file
The NTFS file descriptor vulnerability for the NTFS-3G FUSE module is related to reading and writing
outside of buffer boundaries. Exploitation of the vulnerability could allow an attacker to execute arbitrary code with
elevated privileges through a specially crafted request
Vulnerability of NTFS file system ntfs_check_log_client_array function for NTFS-3G FUSE module is related to
buffer overflow in dynamic memory. Exploitation of the vulnerability could allow an attacker to execute
arbitrary code with elevated privileges using a specially crafted NTFS image file
Vulnerability of NTFS file system check_file_record function for NTFS-3G FUSE module is related to a buffer overflow in dynamic memory.
buffer overflow in dynamic memory. Exploitation of the vulnerability could allow an attacker,
acting remotely, to execute arbitrary code with elevated privileges using specially
mounted malicious NTFS file system
A vulnerability in the ntfs_mft_rec_alloc function of the NTFS file system for the NTFS-3G FUSE module is associated with a
buffer overflow in dynamic memory. Exploitation of the vulnerability could allow an attacker to execute
arbitrary code with elevated privileges using a specially crafted NTFS image file
Vulnerability of NTFS file system ntfs_get_attribute_value function for NTFS-3G FUSE module is related to
buffer overflow in dynamic memory. Exploitation of the vulnerability could allow an attacker,
acting remotely, to execute arbitrary code with elevated privileges using a specially
specially crafted NTFS image file
A vulnerability in the fuse_kern_mount function of the libfuse-lite library of the NTFS file system for the NTFS-3G FUSE module
is related to the return of an invalid status code. Exploitation of the vulnerability could allow an attacker to
execute arbitrary code with elevated privileges using a specially crafted request
Vulnerability in the fuse_lib_readdir function of the libfuse-lite library of the NTFS file system for the FUSE module
NTFS-3G is associated with an integer loss of significance. Exploitation of the vulnerability could allow an attacker to
execute arbitrary code with elevated privileges using a specially crafted request
Related
7.8 High
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
8.3 High
AI Score
Confidence
High
7.2 High
CVSS2
Access Vector
LOCAL
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:L/Au:N/C:C/I:C/A:C
0.001 Low
EPSS
Percentile
20.5%