16 matches found
UBUNTU-CVE-2026-46072
In the Linux kernel, the following vulnerability has been resolved: ntfs3: add buffer boundary checks to rununpack rununpack checks runbuf runlast at the top of the while loop but then reads sizesize and offsetsize bytes via rununpacks64 without verifying they fit within the remaining buffer. A...
CVE-2026-46072
In the Linux kernel, the following vulnerability has been resolved: ntfs3: add buffer boundary checks to rununpack rununpack checks runbuf runlast at the top of the while loop but then reads sizesize and offsetsize bytes via rununpacks64 without verifying they fit within the remaining buffer. A...
PT-2026-43929
In the Linux kernel, the following vulnerability has been resolved: ntfs3: fix integer overflow in run unpack volume boundary check The volume boundary check lcn + len sbi-used.bitmap.nbits uses raw addition which can wrap around for large lcn and len values, bypassing the validation. Use check a...
CVE-2026-46062
ntfs3: fix integer overflow in rununpack volume boundary check...
PT-2026-43939
In the Linux kernel, the following vulnerability has been resolved: ntfs3: add buffer boundary checks to run unpack run unpack checks run buf run last at the top of the while loop but then reads size size and offset size bytes via run unpack s64 without verifying they fit within the remaining...
Astra Linux - уязвимость в linux-6.1, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: fs: ntfs3: Fix integer overflow in rununpack The MFT record relative to the file being opened contains its runlist, an array containing information about the file's location on the physical disk. Analysis of all Call Stack paths...
CVE-2025-71265
In the Linux kernel, the following vulnerability has been resolved: fs: ntfs3: fix infinite loop in attrloadrunsrange on inconsistent metadata We found an infinite loop bug in the ntfs3 file system that can lead to a Denial-of-Service DoS condition. A malformed NTFS image can cause an infinite lo...
fs: ntfs3: Fix integer overflow in run_unpack()
...
SUSE CVE-2025-40068
In the Linux kernel, the following vulnerability has been resolved: fs: ntfs3: Fix integer overflow in rununpack The MFT record relative to the file being opened contains its runlist, an array containing information about the file's location on the physical disk. Analysis of all Call Stack paths...
CVE-2025-40068
In the Linux kernel, the following vulnerability has been resolved: fs: ntfs3: Fix integer overflow in rununpack The MFT record relative to the file being opened contains its runlist, an array containing information about the file's location on the physical disk. Analysis of all Call Stack paths...
UBUNTU-CVE-2025-40068
In the Linux kernel, the following vulnerability has been resolved: fs: ntfs3: Fix integer overflow in rununpack The MFT record relative to the file being opened contains its runlist, an array containing information about the file's location on the physical disk. Analysis of all Call Stack paths...
EUVD-2025-36460
In the Linux kernel, the following vulnerability has been resolved: fs: ntfs3: Fix integer overflow in rununpack The MFT record relative to the file being opened contains its runlist, an array containing information about the file's location on the physical disk. Analysis of all Call Stack paths...
CVE-2025-40068 fs: ntfs3: Fix integer overflow in run_unpack()
In the Linux kernel, the following vulnerability has been resolved: fs: ntfs3: Fix integer overflow in rununpack The MFT record relative to the file being opened contains its runlist, an array containing information about the file's location on the physical disk. Analysis of all Call Stack paths...
CVE-2025-40068
The CVE-2025-40068 entry is supported by multiple connected advisories confirming a concrete Linux kernel issue in the ntfs3 subsystem. The vulnerability stems from an overflow in the run_unpack() path that decodes the MFT runlist (used to map virtual clusters to logical clusters). Because values...
PT-2025-44136
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the Linux kernel's NTFS3 subsystem related to integer overflow in the run unpack function. The run unpack function decodes compressed runlist data from MFT attributes,...
UBUNTU-CVE-2023-26544
In the Linux kernel 6.0.8, there is a use-after-free in rununpack in fs/ntfs3/run.c, related to a difference between NTFS sector size and media sector size...