ntfs-3g: Heap buffer overflow triggered by a specially crafted NTFS inode pathname

The ntfs3g package is susceptible to a heap overflow on crafted input. When processing an NTFS inode pathname, proper bounds checking was not enforced leading to this software flaw. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability...

In NTFS-3G versions < 2021.8.22 when a specially crafted NTFS inode pathname is supplied in an NTFS image a heap buffer overflow can occur resulting in memory disclosure denial of service and even code execution.

...

ntfs-3g: Heap buffer overflow triggered by a specially crafted NTFS inode pathname

The ntfs3g package is susceptible to a heap overflow on crafted input. When processing an NTFS inode pathname, proper bounds checking was not enforced leading to this software flaw. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability...

ntfs-3g: Heap buffer overflow triggered by a specially crafted NTFS inode pathname

The ntfs3g package is susceptible to a heap overflow on crafted input. When processing an NTFS inode pathname, proper bounds checking was not enforced leading to this software flaw. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability...

PT-2021-5782 · Ntfs-3G +7 · Ntfs-3G +7

Name of the Vulnerable Software and Affected Versions: NTFS-3G versions prior to 2021.8.22 Description: The issue is related to a heap buffer overflow that can occur when a specially crafted NTFS inode pathname is supplied in an NTFS image. This can result in memory disclosure, denial of service,...