CVE-2021-39252

Опубликовано: 30 авг. 2021

Источник: redhat

CVSS3: 7.8

EPSS Низкий

Описание

A crafted NTFS image can cause an out-of-bounds read in ntfs_ie_lookup in NTFS-3G < 2021.8.22.

The ntfs3g package is susceptible to an input validation flaw. When processing a crafted NTFS image there is an improper check which leads to an out of bounds read. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability.

Затронутые пакеты

Платформа	Пакет	Состояние	Рекомендация	Релиз
Red Hat Enterprise Linux 7	libguestfs-winsupport	Out of support scope
Red Hat Enterprise Linux 8 Advanced Virtualization	virt:8.2/libguestfs-winsupport	Affected
Red Hat Enterprise Linux 8 Advanced Virtualization	virt:av/libguestfs-winsupport	Affected
Red Hat Enterprise Linux 9	libguestfs-winsupport	Affected
Advanced Virtualization for RHEL 8.2.1	virt	Fixed	RHSA-2021:3704	30.09.2021
Advanced Virtualization for RHEL 8.2.1	virt-devel	Fixed	RHSA-2021:3704	30.09.2021
Advanced Virtualization for RHEL 8.4.0.Z	virt	Fixed	RHSA-2021:3703	30.09.2021
Advanced Virtualization for RHEL 8.4.0.Z	virt-devel	Fixed	RHSA-2021:3703	30.09.2021
Red Hat Enterprise Linux 8	virt-devel	Fixed	RHSA-2022:1759	10.05.2022
Red Hat Enterprise Linux 8	virt	Fixed	RHSA-2022:1759	10.05.2022

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Moderate

Дефект:

CWE-119

https://bugzilla.redhat.com/show_bug.cgi?id=2001650ntfs-3g: Out-of-bounds read in ntfs_ie_lookup()

EPSS

Процентиль: 5%

0.00023

Низкий

7.8 High

CVSS3

Связанные уязвимости

CVE-2021-39252

CVSS3: 7.8

ubuntu

почти 4 года назад

A crafted NTFS image can cause an out-of-bounds read in ntfs_ie_lookup in NTFS-3G < 2021.8.22.

CVE-2021-39252

CVSS3: 7.8

nvd

почти 4 года назад

A crafted NTFS image can cause an out-of-bounds read in ntfs_ie_lookup in NTFS-3G < 2021.8.22.

CVE-2021-39252

CVSS3: 7.8

msrc

больше 3 лет назад

Описание отсутствует

CVE-2021-39252

CVSS3: 7.8

debian

почти 4 года назад

A crafted NTFS image can cause an out-of-bounds read in ntfs_ie_lookup ...

GHSA-2m6w-285w-23qv

CVSS3: 7.8

github

около 3 лет назад

A crafted NTFS image can cause an out-of-bounds read in ntfs_ie_lookup in NTFS-3G < 2021.8.22.

EPSS

Процентиль: 5%

0.00023

Низкий

7.8 High

CVSS3