Lucene search

K
ubuntuUbuntuUSN-5711-2
HistoryNov 03, 2022 - 12:00 a.m.

NTFS-3G vulnerability

2022-11-0300:00:00
ubuntu.com
40
ntfs-3g
ubuntu
esm
ntfs metadata
privileges

CVSS3

7.8

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

AI Score

7.7

Confidence

High

EPSS

0

Percentile

5.1%

Releases

  • Ubuntu 16.04 ESM
  • Ubuntu 14.04 ESM

Packages

  • ntfs-3g - read/write NTFS driver for FUSE

Details

USN-5711-1 fixed a vulnerability in NTFS-3G. This update provides
the corresponding update for Ubuntu 14.04 ESM Ubuntu 16.04 ESM.

Original advisory details:

Yuchen Zeng and Eduardo Vela discovered that NTFS-3G incorrectly validated
certain NTFS metadata. A local attacker could possibly use this issue to
gain privileges.

OSVersionArchitecturePackageVersionFilename
Ubuntu16.04noarchntfs-3g< 1:2015.3.14AR.1-1ubuntu0.3+esm4UNKNOWN
Ubuntu16.04noarchntfs-3g< 1:2015.3.14AR.1-1ubuntu0.3UNKNOWN
Ubuntu16.04noarchntfs-3g-dbg< 1:2015.3.14AR.1-1ubuntu0.3UNKNOWN
Ubuntu16.04noarchntfs-3g-dbgsym< 1:2015.3.14AR.1-1ubuntu0.3UNKNOWN
Ubuntu16.04noarchntfs-3g-dev< 1:2015.3.14AR.1-1ubuntu0.3UNKNOWN
Ubuntu16.04noarchntfs-3g-dev-dbgsym< 1:2015.3.14AR.1-1ubuntu0.3UNKNOWN
Ubuntu16.04noarchntfs-3g-udeb< 1:2015.3.14AR.1-1ubuntu0.3UNKNOWN
Ubuntu16.04noarchntfs-3g-udeb-dbgsym< 1:2015.3.14AR.1-1ubuntu0.3UNKNOWN
Ubuntu14.04noarchntfs-3g< 1:2013.1.13AR.1-2ubuntu2+esm4UNKNOWN
Ubuntu14.04noarchntfs-3g< 1:2013.1.13AR.1-2ubuntu2UNKNOWN
Rows per page:
1-10 of 131

CVSS3

7.8

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

AI Score

7.7

Confidence

High

EPSS

0

Percentile

5.1%