300 matches found
Linux Distros Unpatched Vulnerability : CVE-2026-53023
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - fs/ntfs3: terminate the cached volume label after UTF-8 conversion ntfsfillsuper loads the on-disk volume label with utf16stoutf8s and stores the result in...
Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12
In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: This issue prevents infinite loops that occur when the next valid value is the same. When processing the valid field within the range valid : pos, if the valid value cannot be retrieved correctly—for example, if the...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: Handling of errors from attrsetsize when truncating files. If attrsetsize fails during file truncation, the error is silently ignored, and the inode may remain in an inconsistent state...
Astra Linux – Vulnerability in ntfs-3g
NTFS-3G versions prior to 2021.8.22 may experience a heap buffer overflow when a specially crafted NTFS attribute is set up using the function ntfsattrsetupflag. This could allow code execution and an escalation of privileges...
Astra Linux – Vulnerability in ntfs-3g
A properly crafted NTFS image can cause a heap-based buffer overflow in the ntfsmftrecalloc function within NTFS-3G from version 2021.8.22 onwards...
Astra Linux – Vulnerability in ntfs-3g
A properly crafted NTFS image can cause a heap-based buffer overflow in ntfscompressedpwrite in NTFS-3G 2021.8.22...
Astra Linux – Vulnerability in ntfs-3g
A properly crafted NTFS image can cause a heap-based buffer overflow in ntfs inodelookupbyname in NTFS-3G 2021.8.22...
Astra Linux – Vulnerability in ntfs-3g
A properly crafted NTFS image can lead to out-of-bounds reads in ntfsattrfind and ntfsexternalattrfind in NTFS-3G 2021.8.22...
Astra Linux – Vulnerability in ntfs-3g
A properly crafted NTFS image can lead to a out-of-bounds access vulnerability, caused by an unsanitized attribute length in ntfs inodelookupbyname, in NTFS-3G 2021.8.22...
Astra Linux – Vulnerability in ntfs-3g
A properly crafted NTFS image can lead to a out-of-bounds access in ntfs inode syncstandardinformation in NTFS-3G 2021.8.22...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15
In the Linux kernel, the following vulnerabilities have been resolved: fs/ntfs3: Fixed a couple of integer overflows on 32-bit systems. On 32-bit systems, the addition of “off + sizeofstruct NTFSDE” can lead to an integer wrapping issue. This issue was fixed by using sizeadd...
Astra Linux – Vulnerability in Linux 5.15
A use-after-free flaw was discovered in the Linux kernel, specifically in the logreplay function within fs/ntfs3/fslog.c in the NTFS journal. This flaw allows a local attacker to crash the system and causes a kernel information leak...
Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: Add null pointer check to attrloadrunsvcn Some metadata files are handled before MFT. This adds a null pointer check for some corner cases that could lead to NPD while reading these metadata files for a malformed NTFS...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: Validated rec-used in the journal-replay file record check. The checkfilerecord function validates rec-total against the record size, but never validates rec-used. The doaction journal-replay handlers read rec-used from...
CVE-2026-48095
7-Zip is a file archiver with a high compression ratio. Versions 26.00 and prior contain a heap buffer overflow vulnerability caused by an under-allocation in the NTFS compressed stream buffer GetCuSize shift UB, potentially allowing attackers to cause arbitrary code execution or application...
Linux Distros Unpatched Vulnerability : CVE-2025-71309
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: fix deadlock in nireadfoliocmpr Syzbot reported a task hung in nireadpagecmpr now...
ntfs3: add buffer boundary checks to run_unpack()
...
CVE-2026-45864
In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: prevent infinite loops caused by the next valid being the same When processing valid within the range valid : pos, if valid cannot be retrieved correctly, for example, if the retrieved valid value is always the same, th...
UBUNTU-CVE-2025-71311
In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: Initialize new folios before use KMSAN reports an uninitialized value in longestmatchstd, invoked from ntfscompresswrite. When new folios are allocated without being marked uptodate and nireadframe is skipped because th...
UBUNTU-CVE-2026-45864
In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: prevent infinite loops caused by the next valid being the same When processing valid within the range valid : pos, if valid cannot be retrieved correctly, for example, if the retrieved valid value is always the same, th...