Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from setting the fc-fsprivate pointer to NULL in ntfsfillsuper without releasing the memory it points...

Azure Linux 3.0 Security Update: CBL-Mariner Releases (CVE-2026-40706)

The version of CBL-Mariner Releases installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2026-40706 advisory. - In NTFS-3G 2022.10.3 before 2026.2.25, a heap buffer overflow exists in...

CVE-2026-40706

In NTFS-3G 2022.10.3 before 2026.2.25, a heap buffer overflow exists in ntfsbuildpermissionsposix in acls.c that allows an attacker to corrupt heap memory in the SUID-root ntfs-3g binary by crafting a malicious NTFS image. The overflow is triggered on the READ path stat, readdir, open when...

CVE-2025-71267

In the Linux kernel, the following vulnerability has been resolved: fs: ntfs3: fix infinite loop triggered by zero-sized ATTRLIST We found an infinite loop bug in the ntfs3 file system that can lead to a Denial-of-Service DoS condition. A malformed NTFS image can cause an infinite loop when an...

Windows NTFS Remote Code Execution Vulnerability

Heap-based buffer overflow in Windows NTFS allows an authorized attacker to execute code locally...

EUVD-2025-34421

Use after free in Windows NTFS allows an unauthorized attacker to elevate privileges locally...

CVE-2025-38615 fs/ntfs3: cancle set bad inode after removing name fails

In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: cancle set bad inode after removing name fails The reproducer uses a file0 on a ntfs3 file system with a corrupted ilink. When renaming, the file0's inode is marked as a bad inode because the file name cannot be deleted...

Linux Distros Unpatched Vulnerability : CVE-2025-37806

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - fs/ntfs3: Keep write operations atomic syzbot reported a NULL pointer dereference in genericfilewriteiter. 1 Before the write operation is completed, the user...

Microsoft Windows NTFS 缓冲区错误漏洞

Microsoft Windows NTFS is a file system from Microsoft USA that serves computer files. The file system has error warning, disk self-healing, and logging capabilities. A buffer error vulnerability exists in Microsoft Windows NTFS. The following products and editions are affected:Windows 10 Version...

PT-2025-8486 · Linux +1 · Linux Kernel +1

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A vulnerability in the Linux kernel has been resolved, specifically in the fs/ntfs3 module. The issue arises when the NTFS BOOT sectors per clusters field has a value greater than 0x80...

AZL-53093 CVE-2024-50244 affecting package kernel for versions less than 6.6.64.2-1

In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: Additional check in niclear Checking of NTFSFLAGSLOGREPLAYING added to prevent access to uninitialized bitmap during replay process...

CVE-2024-50244 fs/ntfs3: Additional check in ni_clear()

In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: Additional check in niclear Checking of NTFSFLAGSLOGREPLAYING added to prevent access to uninitialized bitmap during replay process...

Microsoft Windows NTFS 资源管理错误漏洞

Microsoft Windows NTFS is a file system from Microsoft USA that serves computer files. The file system has error warning, disk self-repair, and logging capabilities. A resource management error vulnerability exists in Microsoft Windows NTFS. The following products and versions are affected:Window...

Palo Alto Networks PAN-OS 8.1.x < 8.1.24 / 9.0.x < 9.0.17 / 9.1.x < 9.1.15-h1 / 10.0.x < 10.0.12 Vulnerability

The version of Palo Alto Networks PAN-OS running on the remote host is 8.1.x prior to 8.1.24 or 9.0.x prior to 9.0.17 or 9.1.x prior to 9.1.15-h1 or 10.0.x prior to 10.0.12. It is, therefore, affected by a vulnerability. - A vulnerability in Palo Alto Networks PAN-OS software enables a remote...

Police investigate sexual assault on an avatar

British police are investigating a case involving a virtual sexual assault of a girls avatar. Even though there was no physical violence involved the incident will be investigated as it has caused psychological trauma. By definition, an avatar is a virtual representation of a user and is driven b...

CVE-2023-4692 Grub2: out-of-bounds write at fs/ntfs.c may lead to unsigned code execution

An out-of-bounds write flaw was found in grub2's NTFS filesystem driver. This issue may allow an attacker to present a specially crafted NTFS filesystem image, leading to grub's heap metadata corruption. In some circumstances, the attack may also corrupt the UEFI firmware heap metadata. As a...

grub2 buffer error vulnerability

grub2 is a Linux system boot program from the American GNU community. A security vulnerability exists in grub2 that stems from an out-of-bounds read vulnerability in the NTFS file system driver...

grub2 buffer error vulnerability

grub2 is a Linux system boot program from the American GNU community. A security vulnerability exists in grub2 that stems from an out-of-bounds write vulnerability in the NTFS file system driver...

CVE-2023-29346

NTFS Elevation of Privilege Vulnerability...

ntfs-3g: crafted NTFS image can cause a heap-based buffer overflow in ntfs_check_log_client_array

A vulnerability was found in NTFS-3G. Incorrect validation of NTFS metadata can result in a heap-based buffer overflow when processing a crafted NTFS image file or partition...