EUVD-2022-55519

Malicious code in bioql PyPI...

Linux Distros Unpatched Vulnerability : CVE-2022-50336

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - fs/ntfs3: Add null pointer check to attrloadrunsvcn Some metadata files are handled before MFT. This adds a null pointer check for some corner cases that could...

CVE-2022-50262

In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: Validate BOOT recordsize When the NTFS BOOT recordsize field recordbits calculation through blksizebits assumes the size always 256, which could lead to NPD while mounting a malformed NTFS image. 318.675159 BUG: kernel...

UBUNTU-CVE-2022-50336

In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: Add null pointer check to attrloadrunsvcn Some metadata files are handled before MFT. This adds a null pointer check for some corner cases that could lead to NPD while reading these metadata files for a malformed NTFS...

CVE-2022-50336 fs/ntfs3: Add null pointer check to attr_load_runs_vcn

In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: Add null pointer check to attrloadrunsvcn Some metadata files are handled before MFT. This adds a null pointer check for some corner cases that could lead to NPD while reading these metadata files for a malformed NTFS...

CVE-2022-50262

CVE-2022-50262 concerns the Linux kernel NTFS handling in the ntfs3 file system. Technical details in the connected documents show that when the NTFS BOOT record_size is negative (treated as a shift value), there is no validation of the resulting shift. This allows an invalid size to propagate in...

PT-2025-37516

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A flaw exists in the Linux kernel's NTFS3 implementation related to the validation of the BOOT record size field. When the record size field is negative, it's interpreted as a shift...

PT-2025-37638

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: The Linux kernel contains a vulnerability in the NTFS3 file system implementation. Specifically, a null pointer dereference can occur in the attr load runs vcn function when handling...

CVE-2007-4199

Brian Carrier The Sleuth Kit TSK before 2.09 allows user-assisted remote attackers to cause a denial of service application crash and prevent examination of certain NTFS files via a malformed NTFS image that triggers 1 dereference of a certain integer value by ntfsdent.c in fls, or 2 dereference ...

Code injection

Guidance Software EnCase allows user-assisted attackers to trigger a buffer over-read and application crash via a malformed NTFS filesystem containing a modified FILE record with a certain large offset. NOTE: the vendor disputes the significance of this issue, asserting that relevant attackers...

PT-2007-5243 · Guidance · Encase

Name of the Vulnerable Software and Affected Versions: Guidance Software EnCase affected versions not specified Description: The issue arises from the improper handling of certain malformed MBR partition tables and NTFS filesystems. This allows remote attackers to prevent the logical collection o...