44 matches found
PT-2026-43939
Name of the Vulnerable Software and Affected Versions: Linux kernel (affected versions not specified). Description: The run_unpack function in the ntfs3 driver fails to verify if the size_size and offset_size bytes read via run_unpack_s64 fit within the remaining buffer, despite checking run_buf run...
Astra Linux - vulnerability in linux-5.10
In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: Fixed the missing i_op in ntfs_read_mft. There is a null pointer dereference issue because i_op == NULL. The bug occurs because we do not initialize i_op for records in $Extend$...
Astra Linux - vulnerability in ntfs-3g
In NTFS-3G versions before 2021.8.22, when a specially crafted NTFS attribute is provided to the function ntfs_get_attribute_value, a heap buffer overflow can occur, allowing for memory disclosure or denial of service. The vulnerability is caused by an out-of-bound buffer access, which can be...
Astra Linux - vulnerability in ntfs-3g
NTFS-3G versions prior to 2021.8.22 may experience a heap buffer overflow when a specially crafted NTFS attribute is set up using the function ntfs_attr_setup_flag. This could allow code execution and an escalation of privileges...
Astra Linux - vulnerability in linux-5.10
In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: Added a null pointer check for inode operations This adds a sanity check for the i_op pointer of the inode, which is returned after reading the Root directory MFT record. We should check that the i_op is valid before...
CVE-2022-50841
In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: Add overflow check for attribute size The offset addition could overflow and pass the used size check given an attribute with very large size e.g., 0xffffff7f while parsing MFT attributes. This could lead to out-of-boun...
EUVD-2023-60368
In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: Fix memory leak if ntfs_read_mft failed Label ATTR_ROOT in ntfs_read_mft sets is_root = true and ni->ni_flags |= NI_FLAG_DIR, then next attr will goto label ATTR_ALLOC and alloc ni->dir.alloc_run. However two states are not always...
CVE-2022-50739
The connected docs confirm CVE-2022-50739 affects the Linux kernel's ntfs3 filesystem. Root cause: missing validation of inode's i_op pointer after reading the Root directory MFT, which can cause a NULL pointer dereference when mounting an image with a malformed Root directory MFT record. The fix...
Linux kernel security vulnerability
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a failure to clear the allocated run buffer when reading MFT fails, which could lead to a memory leak...
PT-2025-53105
Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 6.0.0-rc4. Description: The Linux kernel contains a flaw in the NTFS3 file system implementation. Specifically, a missing null pointer check for inode operations can lead to a kernel null pointer dereference when...
AZL-68933 CVE-2025-40068 affecting package kernel for versions less than 6.6.112.1-2
In the Linux kernel, the following vulnerability has been resolved: fs: ntfs3: Fix integer overflow in run_unpack The MFT record relative to the file being opened contains its runlist, an array containing information about the file's location on the physical disk. Analysis of all Call Stack paths...
CVE-2025-40068 fs: ntfs3: Fix integer overflow in run_unpack()
In the Linux kernel, the following vulnerability has been resolved: fs: ntfs3: Fix integer overflow in run_unpack The MFT record relative to the file being opened contains its runlist, an array containing information about the file's location on the physical disk. Analysis of all Call Stack paths...
CVE-2025-40068
The CVE-2025-40068 entry is supported by multiple connected advisories confirming a concrete Linux kernel issue in the ntfs3 subsystem. The vulnerability stems from an overflow in the run_unpack() path that decodes the MFT runlist (used to map virtual clusters to logical clusters). Because values...
CVE-2022-50336 fs/ntfs3: Add null pointer check to attr_load_runs_vcn
In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: Add null pointer check to attr_load_runs_vcn Some metadata files are handled before MFT. This adds a null pointer check for some corner cases that could lead to NPD while reading these metadata files for a malformed NTFS...
CVE-2022-50336
CVE-2022-50336 – Linux kernel (fs/ntfs3) Root cause: a missing null pointer check in attr_load_runs_vcn when parsing certain NTFS metadata before MFT could permit a kernel NULL pointer dereference on malformed images. Impact: kernel crash/free crash (NPD) resulting from NULL dereference in ntfs-r...
Linux Distros Unpatched Vulnerability : CVE-2022-48425
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel through 6.2.7, fs/ntfs3/inode.c has an invalid kfree because it does not validate MFT flags before replaying logs. CVE-2022-48425 Note that...
DEBIAN-CVE-2022-49763
In the Linux kernel, the following vulnerability has been resolved: ntfs: fix use-after-free in ntfs_attr_find Patch series "ntfs: fix bugs about Attribute", v2. This patchset fixes three bugs relative to Attribute in record: Patch 1 adds a sanity check to ensure that, attrs_offset field in first mf...
DEBIAN-CVE-2022-48425
In the Linux kernel through 6.2.7, fs/ntfs3/inode.c has an invalid kfree because it does not validate MFT flags before replaying logs...
Linux kernel security vulnerability
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel versions prior to 6.2.7, which stems from fs/ntfs3/inode.c having a kfree that does not validate the MFT flag before replaying lo...
SUSE CVE-2018-11727
The libfsntfs_attribute_read_from_mft function in libfsntfs_attribute.c in libfsntfs through 2018-04-20 allows remote attackers to cause an information disclosure heap-based buffer over-read via a crafted ntfs file. NOTE: the vendor has disputed this as described in libyal/libfsntfs issue 8 on GitHub...