27 matches found
CVE-2026-43245
In the Linux kernel, the following vulnerability has been resolved: ntfs: -dcompare must not block ... so don't use getname there. Switch it and ntfsdhash, while we are at it to kmallocPATHMAX, GFPNOWAIT. Yes, ntfsdhash almost certainly can do with smaller allocations, but let ntfs folks deal wit...
CVE-2025-71267
In the Linux kernel, the following vulnerability has been resolved: fs: ntfs3: fix infinite loop triggered by zero-sized ATTRLIST We found an infinite loop bug in the ntfs3 file system that can lead to a Denial-of-Service DoS condition. A malformed NTFS image can cause an infinite loop when an...
CVE-2025-40068
In the Linux kernel, the following vulnerability has been resolved: fs: ntfs3: Fix integer overflow in rununpack The MFT record relative to the file being opened contains its runlist, an array containing information about the file's location on the physical disk. Analysis of all Call Stack paths...
EUVD-2025-34421
Use after free in Windows NTFS allows an unauthorized attacker to elevate privileges locally...
CVE-2025-22832 Buffer Overflow in NTFS when parsing the ATTRIBUTE_LIST
APTIOV contains a vulnerability in BIOS where an attacker may cause an Out-of-bounds Write by local. Successful exploitation of this vulnerability may lead to data corruption and loss of availability...
Microsoft Windows NTFS 缓冲区错误漏洞
Microsoft Windows NTFS is a file system from Microsoft USA that serves computer files. The file system has error warning, disk self-healing, and logging capabilities. A buffer error vulnerability exists in Microsoft Windows NTFS. The following products and editions are affected:Windows 10 Version...
AZL-53093 CVE-2024-50244 affecting package kernel for versions less than 6.6.64.2-1
In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: Additional check in niclear Checking of NTFSFLAGSLOGREPLAYING added to prevent access to uninitialized bitmap during replay process...
CVE-2024-50244 fs/ntfs3: Additional check in ni_clear()
In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: Additional check in niclear Checking of NTFSFLAGSLOGREPLAYING added to prevent access to uninitialized bitmap during replay process...
CVE-2023-4692 Grub2: out-of-bounds write at fs/ntfs.c may lead to unsigned code execution
An out-of-bounds write flaw was found in grub2's NTFS filesystem driver. This issue may allow an attacker to present a specially crafted NTFS filesystem image, leading to grub's heap metadata corruption. In some circumstances, the attack may also corrupt the UEFI firmware heap metadata. As a...
CVE-2023-29346
NTFS Elevation of Privilege Vulnerability...
ntfs-3g: heap-based buffer overflow in ntfsck
A vulnerability was found in NTFS-3G, specifically in the ntfsck utility. Incorrect validation of NTFS metadata can result in a heap-based buffer overflow when processing a crafted NTFS image file or partition...
PT-2023-33546 · Linux · Linux Kernel
Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to 6.0.17 Description: A potential issue exists in the fs/ntfs3 component, specifically in the ntfs read mft function, where a duplicate condition is deleted. The actual impact and attack plausibility of this issue...
PT-2022-36580 · Linux · Linux Kernel
Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v4.9.334 Description: The issue is related to an overflow when iterating ATTR RECORDs in ntfs. The actual impact and attack plausibility have not yet been proven. Recommendations: For Linux Kernel versions prior...
Linux kernel 资源管理错误漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the U.S. umount is a software package used to uninstall devices in Unix platforms. Linux kernel suffers from a security vulnerability that stems from a double-release flaw found in the NTFS3...
ALPINE-CVE-2022-30784
A crafted NTFS image can cause heap exhaustion in ntfsgetattributevalue in NTFS-3G through 2021.8.22...
UBUNTU-CVE-2022-30789
A crafted NTFS image can cause a heap-based buffer overflow in ntfschecklogclientarray in NTFS-3G through 2021.8.22...
Tuxera NTFS-3G 代码注入漏洞
Tuxera NTFS-3G is an open-source, cross-platform set of drivers from Tuxera Finland for supporting read and write NTFS partitions.A code injection vulnerability exists in Tuxera NTFS-3G, which stems from the presence of an invalid return code in fusekernmount. No detailed vulnerability details ar...
A crafted NTFS image can cause an out-of-bounds read in ntfs_ie_lookup in NTFS-3G < 2021.8.22.
...
A crafted NTFS image can cause a heap-based buffer overflow in ntfs_inode_lookup_by_name in NTFS-3G < 2021.8.22.
...
ntfs-3g: Heap buffer overflow in ntfs_compressed_pwrite()
The ntfs3g package is susceptible to a heap overflow on crafted input. When processing an NTFS image, proper bounds checking was not enforced leading to this software flaw. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability...