CVE-2022-50841 fs/ntfs3: Add overflow check for attribute size

In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: Add overflow check for attribute size The offset addition could overflow and pass the used size check given an attribute with very large size e.g., 0xffffff7f while parsing MFT attributes. This could lead to out-of-boun...

EUVD-2023-60368

In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: Fix memory leak if ntfsreadmft failed Label ATTRROOT in ntfsreadmft sets isroot = true and ni-niflags |= NIFLAGDIR, then next attr will goto label ATTRALLOC and alloc ni-dir.allocrun. However two states are not always...

CVE-2022-50739

The connected docs confirm CVE-2022-50739 affects the Linux kernel's ntfs3 filesystem. Root cause: missing validation of inode's i_op pointer after reading the Root directory MFT, which can cause a NULL pointer dereference when mounting an image with a malformed Root directory MFT record. The fix...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a failure to clear the allocated run buffer when reading MFT fails, which could lead to a memory leak...

PT-2025-53105

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 6.0.0-rc4 Description The Linux kernel contains a flaw in the NTFS3 file system implementation. Specifically, a missing null pointer check for inode operations can lead to a kernel null pointer dereference when...

SUSE CVE-2025-40068

In the Linux kernel, the following vulnerability has been resolved: fs: ntfs3: Fix integer overflow in rununpack The MFT record relative to the file being opened contains its runlist, an array containing information about the file's location on the physical disk. Analysis of all Call Stack paths...

AZL-68933 CVE-2025-40068 affecting package kernel for versions less than 6.6.112.1-2

In the Linux kernel, the following vulnerability has been resolved: fs: ntfs3: Fix integer overflow in rununpack The MFT record relative to the file being opened contains its runlist, an array containing information about the file's location on the physical disk. Analysis of all Call Stack paths...

CVE-2025-40068

The CVE-2025-40068 entry is supported by multiple connected advisories confirming a concrete Linux kernel issue in the ntfs3 subsystem. The vulnerability stems from an overflow in the run_unpack() path that decodes the MFT runlist (used to map virtual clusters to logical clusters). Because values...

CVE-2025-40068 fs: ntfs3: Fix integer overflow in run_unpack()

In the Linux kernel, the following vulnerability has been resolved: fs: ntfs3: Fix integer overflow in rununpack The MFT record relative to the file being opened contains its runlist, an array containing information about the file's location on the physical disk. Analysis of all Call Stack paths...

EUVD-2018-4612

Malware in sbrugna...

EUVD-2022-52305

Malicious code in bioql PyPI...

EUVD-2022-5806

Malicious code in bioql PyPI...

EUVD-2022-3623

Malicious code in bioql PyPI...

EUVD-2022-52308

Malicious code in bioql PyPI...

EUVD-2022-5446

Malicious code in bioql PyPI...

EUVD-2025-25675

Malicious code in bioql PyPI...

EUVD-2022-5709

Malicious code in bioql PyPI...

EUVD-2022-52303

Malicious code in bioql PyPI...

EUVD-2022-3765

Malicious code in bioql PyPI...

CVE-2022-50336 fs/ntfs3: Add null pointer check to attr_load_runs_vcn

In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: Add null pointer check to attrloadrunsvcn Some metadata files are handled before MFT. This adds a null pointer check for some corner cases that could lead to NPD while reading these metadata files for a malformed NTFS...