CVE-2023-52890

Опубликовано: 13 июн. 2024

Источник: debian

Описание

NTFS-3G before 75dcdc2 has a use-after-free in ntfs_uppercase_mbs in libntfs-3g/unistr.c. NOTE: discussion suggests that exploitation would be challenging.

Пакеты

Пакет	Статус	Версия исправления	Релиз	Тип
ntfs-3g	fixed	1:2022.10.3-3		package
ntfs-3g	fixed	1:2022.10.3-1+deb12u1	bookworm	package
ntfs-3g	fixed	1:2017.3.23AR.3-4+deb11u4	bullseye	package
ntfs-3g	postponed		buster	package

Примечания

https://github.com/tuxera/ntfs-3g/issues/84
Fixed by: https://github.com/tuxera/ntfs-3g/commit/75dcdc2cf37478fad6c0e3427403d198b554951d

Связанные уязвимости

CVE-2023-52890

CVSS3: 4.5

ubuntu

около 1 года назад

NTFS-3G before 75dcdc2 has a use-after-free in ntfs_uppercase_mbs in libntfs-3g/unistr.c. NOTE: discussion suggests that exploitation would be challenging.

CVE-2023-52890

CVSS3: 4.5

nvd

около 1 года назад

NTFS-3G before 75dcdc2 has a use-after-free in ntfs_uppercase_mbs in libntfs-3g/unistr.c. NOTE: discussion suggests that exploitation would be challenging.

CVE-2023-52890

CVSS3: 4.5

msrc

12 месяцев назад

Описание отсутствует

SUSE-SU-2024:2187-1

suse-cvrf

12 месяцев назад

Security update for ntfs-3g_ntfsprogs

SUSE-SU-2024:2074-1

suse-cvrf

около 1 года назад

Security update for ntfs-3g_ntfsprogs