Astra Linux - уязвимость в ntfs-3g

The file handle created in fuselibopendir, and later used in fuselibreaddir, enables arbitrary memory read and write operations in NTFS-3G through 2021.8.22 when using libfuse-lite...

Astra Linux - уязвимость в ntfs-3g

An integer underflow in fuselibreaddir enables arbitrary memory read operations in NTFS-3G through 2021.8.22 when using libfuse-lite...

EUVD-2022-52608

Malicious code in bioql PyPI...

EUVD-2022-52610

Malicious code in bioql PyPI...

EUVD-2022-52606

Malicious code in bioql PyPI...

ROS-20240403-02

Vulnerability of ntfsnamesfullcollate function of NTFS file system for NTFS-3G FUSE module is related to buffer overflow in dynamic memory. Exploitation of the vulnerability could allow an attacker to execute arbitrary code with elevated privileges using a specially crafted NTFS image file The NT...

CentOS 9 : libguestfs-winsupport-9.2-1.el9

The remote CentOS Linux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the libguestfs-winsupport-9.2-1.el9 build changelog. - ntfsck in NTFS-3G through 2021.8.22 has a heap-based buffer overflow involving buffer+5123-2. NOTE: the upstream position is...

Amazon Linux 2 : libguestfs-winsupport (ALAS-2023-2332)

The version of libguestfs-winsupport installed on the remote host is prior to 7.2-3. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2023-2332 advisory. An invalid return code in fusekernmount enables intercepting of libfuse-lite protocol traffic between NTFS-3G...

Slackware Linux 14.2 / 15.0 / current ntfs-3g Multiple Vulnerabilities (SSA:2023-145-01)

The version of ntfs-3g installed on the remote host is prior to 2022.10.3. It is, therefore, affected by multiple vulnerabilities as referenced in the SSA:2023-145-01 advisory. - ntfsck in NTFS-3G through 2021.8.22 has a heap-based buffer overflow involving buffer+5123-2. NOTE: the upstream...

SUSE CVE-2022-30783

An invalid return code in fusekernmount enables intercepting of libfuse-lite protocol traffic between NTFS-3G and the kernel in NTFS-3G through 2021.8.22 when using libfuse-lite...

MGASA-2022-0385 Updated ntfs-3g packages fix security vulnerability

ntfsck in NTFS-3G through 2021.8.22 has a heap-based buffer overflow involving buffer+5123-2. CVE-2021-46790 An invalid return code in fusekernmount enables intercepting of libfuse-lite protocol traffic between NTFS-3G and the kernel in NTFS-3G through 2021.8.22 when using libfuse-lite...

SUSE SLED12 / SLES12 Security Update : ntfs-3g_ntfsprogs (SUSE-SU-2022:2836-1)

The remote SUSE Linux SLED12 / SLEDSAP12 / SLES12 / SLESSAP12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:2836-1 advisory. - ntfsck in NTFS-3G through 2021.8.22 has a heap-based buffer overflow involving buffer+5123-2. NOTE: the...

SUSE-SU-2022:2836-1 Security update for ntfs-3g_ntfsprogs

This update for ntfs-3gntfsprogs fixes the following issues: Updated to version 2022.5.17 bsc1199978: - CVE-2022-30783: Fixed an issue where messages between NTFS-3G and the kernel could be intercepted when using libfuse-lite. - CVE-2022-30784: Fixed a memory exhaustion issue when opening a craft...

SUSE-SU-2022:2835-1 Security update for ntfs-3g_ntfsprogs

This update for ntfs-3gntfsprogs fixes the following issues: Updated to version 2022.5.17 bsc1199978: - CVE-2022-30783: Fixed an issue where messages between NTFS-3G and the kernel could be intercepted when using libfuse-lite. - CVE-2022-30784: Fixed a memory exhaustion issue when opening a craft...

Ubuntu 16.04 ESM : NTFS-3G vulnerabilities (USN-5463-2)

The remote Ubuntu 16.04 ESM host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-5463-2 advisory. USN-5463-1 fixed vulnerabilities in NTFS-3G. This update provides the corresponding updates for Ubuntu 14.04 ESM and Ubuntu 16.04 ESM. Tenable has...

Debian DLA-3055-1 : ntfs-3g - LTS security update

The remote Debian 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-3055 advisory. Several vulnerabilities were discovered in NTFS-3G, a read-write NTFS driver for FUSE. A local user can take advantage of these flaws for local root privilege...

Debian DSA-5160-1 : ntfs-3g - security update

The remote Debian 10 / 11 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-5160 advisory. - ntfsck in NTFS-3G through 2021.8.22 has a heap-based buffer overflow involving buffer+5123-2. NOTE: the upstream position is that ntfsck is deprecated;...

An integer underflow in fuse_lib_readdir enables arbitrary memory read operations in NTFS-3G through 2021.8.22 when using libfuse-lite.

...

An invalid return code in fuse_kern_mount enables intercepting of libfuse-lite protocol traffic between NTFS-3G and the kernel in NTFS-3G through 2021.8.22 when using libfuse-lite.

...

Integer Underflow

ntfs is vulnerable to integer underflow. The vulnerability exists in fuselibreaddir which allows an attacker to read arbitrary memory read operations in NTFS-3G when using libfuse-lite...