CVE-2021-39254

Опубликовано: 07 сент. 2021

Источник: debian

Описание

A crafted NTFS image can cause an integer overflow in memmove, leading to a heap-based buffer overflow in the function ntfs_attr_record_resize, in NTFS-3G < 2021.8.22.

Пакеты

Пакет	Статус	Версия исправления	Релиз	Тип
ntfs-3g	fixed	1:2021.8.22-1	experimental	package
ntfs-3g	fixed	1:2021.8.22-2		package

Примечания

https://www.openwall.com/lists/oss-security/2021/08/30/1
https://github.com/tuxera/ntfs-3g/security/advisories/GHSA-q759-8j5v-q5jp

Связанные уязвимости

CVE-2021-39254

CVSS3: 7.8

ubuntu

почти 4 года назад

A crafted NTFS image can cause an integer overflow in memmove, leading to a heap-based buffer overflow in the function ntfs_attr_record_resize, in NTFS-3G < 2021.8.22.

CVE-2021-39254

CVSS3: 7.8

redhat

почти 4 года назад

A crafted NTFS image can cause an integer overflow in memmove, leading to a heap-based buffer overflow in the function ntfs_attr_record_resize, in NTFS-3G < 2021.8.22.

CVE-2021-39254

CVSS3: 7.8

nvd

почти 4 года назад

A crafted NTFS image can cause an integer overflow in memmove, leading to a heap-based buffer overflow in the function ntfs_attr_record_resize, in NTFS-3G < 2021.8.22.

CVE-2021-39254

CVSS3: 7.8

msrc

больше 3 лет назад

Описание отсутствует

GHSA-j6xg-g9vq-x958

CVSS3: 7.8

github

около 3 лет назад

A crafted NTFS image can cause an integer overflow in memmove, leading to a heap-based buffer overflow in the function ntfs_attr_record_resize, in NTFS-3G < 2021.8.22.