A crafted NTFS image can cause an out-of-bounds access in ntfs_inode_sync_standard_information in NTFS-3G < 2021.8.22.

...

In NTFS-3G versions < 2021.8.22 when a specially crafted NTFS inode pathname is supplied in an NTFS image a heap buffer overflow can occur resulting in memory disclosure denial of service and even code execution.

...

A crafted NTFS image can cause a heap-based buffer overflow in ntfs_inode_lookup_by_name in NTFS-3G < 2021.8.22.

...

A crafted NTFS image can cause a NULL pointer dereference in ntfs_extent_inode_open in NTFS-3G < 2021.8.22.

...

In NTFS-3G versions < 2021.8.22 when a specially crafted NTFS inode is loaded in the function ntfs_inode_real_open a heap buffer overflow can occur allowing for code execution and escalation of privileges.

...

Virtuozzo ReadyKernel patch 137.1 for Virtuozzo Hybrid Server 7.0, 7.5

The cumulative Virtuozzo ReadyKernel patch was updated with stability fixes. The patch applies to all supported kernels of Virtuozzo Hybrid Server 7.x. Vulnerability id: PSBM-136295 3.10.0-1127.8.2.vz7.151.14 to 3.10.0-1160.41.1.vz7.183.5 fs/locks.c: Node crash BUG in locksinsertblock...

Oracle Linux 8 : kernel (ELSA-2021-4356)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2021-4356 advisory. - ovl: prevent private clone if bind mount is not allowed Miklos Szeredi 1993131 CVE-2021-3732 - KVM: nSVM: avoid picking up unsupported bits from L2 i...

kernel: fuse: stall on CPU can occur because a retry loop continually finds the same bad inode

A denial of service in the kernel side of the FUSE functionality can allow a local system to create a denial of service...

kernel: fuse: stall on CPU can occur because a retry loop continually finds the same bad inode

A denial of service in the kernel side of the FUSE functionality can allow a local system to create a denial of service...

kernel: fuse: stall on CPU can occur because a retry loop continually finds the same bad inode

A denial of service in the kernel side of the FUSE functionality can allow a local system to create a denial of service...

kernel: fuse: stall on CPU can occur because a retry loop continually finds the same bad inode

A denial of service in the kernel side of the FUSE functionality can allow a local system to create a denial of service...

F5 Networks BIG-IP : Linux kernel vulnerability (K84900646)

The version of F5 Networks BIG-IP installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the K84900646 advisory. - A flaw was found in the Linux kernel before 5.9-rc4. A failure of the file system metadata validator in XFS can cause...

ntfs-3g: Heap buffer overflow in ntfs_inode_lookup_by_name()

The ntfs3g package is susceptible to a heap overflow on crafted input. When processing an NTFS image, proper bounds checking was not enforced leading to this software flaw. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability...

ntfs-3g: Out-of-bounds access in ntfs_inode_sync_standard_information()

The ntfs3g package is susceptible to a heap overflow on crafted input. When processing an NTFS image, proper bounds checking was not enforced leading to this software flaw. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability...

ntfs-3g: Heap buffer overflow triggered by a specially crafted NTFS inode pathname

The ntfs3g package is susceptible to a heap overflow on crafted input. When processing an NTFS inode pathname, proper bounds checking was not enforced leading to this software flaw. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability...

ntfs-3g: NULL pointer dereference in ntfs_extent_inode_open()

The ntfs3g package is susceptible to an input validation attack. When processing a crafted NTFS image there is an improper check. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability...

ntfs-3g: Heap buffer overflow in ntfs_inode_real_open() triggered by a specially crafted NTFS inode

The ntfs3g package is susceptible to a heap overflow on crafted input. When processing NTFS inodes, proper bounds checking was not enforced leading to this software flaw. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability...

ntfs-3g: Heap buffer overflow triggered by a specially crafted NTFS inode pathname

The ntfs3g package is susceptible to a heap overflow on crafted input. When processing an NTFS inode pathname, proper bounds checking was not enforced leading to this software flaw. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability...

ntfs-3g: Heap buffer overflow in ntfs_inode_real_open() triggered by a specially crafted NTFS inode

The ntfs3g package is susceptible to a heap overflow on crafted input. When processing NTFS inodes, proper bounds checking was not enforced leading to this software flaw. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability...

Unbreakable Enterprise kernel security update

4.14.35-2047.507.7.5 - Bluetooth: defer cleanup of resources in hciunregisterdev Tetsuo Handa Orabug: 33369947 CVE-2021-3573 - Bluetooth: use correct lock to prevent UAF of hdev object Lin Ma Orabug: 33369947 - Bluetooth: fix the erroneous flushwork order Lin Ma Orabug: 33369947 CVE-2021-3564 -...