CVE-2021-39262

Опубликовано: 30 авг. 2021

Источник: redhat

CVSS3: 7.8

Описание

A crafted NTFS image can cause an out-of-bounds access in ntfs_decompress in NTFS-3G < 2021.8.22.

The ntfs3g package is susceptible to a heap overflow on crafted input. When processing an NTFS image, proper bounds checking was not enforced leading to this software flaw. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability.

Затронутые пакеты

Платформа	Пакет	Состояние	Рекомендация	Релиз
Red Hat Enterprise Linux 7	libguestfs-winsupport	Out of support scope
Red Hat Enterprise Linux 8 Advanced Virtualization	virt:8.2/libguestfs-winsupport	Affected
Red Hat Enterprise Linux 8 Advanced Virtualization	virt:av/libguestfs-winsupport	Affected
Red Hat Enterprise Linux 9	libguestfs-winsupport	Affected
Advanced Virtualization for RHEL 8.2.1	virt	Fixed	RHSA-2021:3704	30.09.2021
Advanced Virtualization for RHEL 8.2.1	virt-devel	Fixed	RHSA-2021:3704	30.09.2021
Advanced Virtualization for RHEL 8.4.0.Z	virt	Fixed	RHSA-2021:3703	30.09.2021
Advanced Virtualization for RHEL 8.4.0.Z	virt-devel	Fixed	RHSA-2021:3703	30.09.2021
Red Hat Enterprise Linux 8	virt-devel	Fixed	RHSA-2022:1759	10.05.2022
Red Hat Enterprise Linux 8	virt	Fixed	RHSA-2022:1759	10.05.2022

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Moderate

Дефект:

CWE-119

https://bugzilla.redhat.com/show_bug.cgi?id=2001665ntfs-3g: Out-of-bounds access in ntfs_decompress()

7.8 High

CVSS3

Связанные уязвимости

CVE-2021-39262

CVSS3: 7.8

ubuntu

почти 4 года назад

A crafted NTFS image can cause an out-of-bounds access in ntfs_decompress in NTFS-3G < 2021.8.22.

CVE-2021-39262

CVSS3: 7.8

nvd

почти 4 года назад

A crafted NTFS image can cause an out-of-bounds access in ntfs_decompress in NTFS-3G < 2021.8.22.

CVE-2021-39262

CVSS3: 7.8

msrc

больше 3 лет назад

Описание отсутствует

CVE-2021-39262

CVSS3: 7.8

debian

почти 4 года назад

A crafted NTFS image can cause an out-of-bounds access in ntfs_decompr ...

GHSA-xhmw-j639-ph2m

CVSS3: 7.8

github

около 3 лет назад

A crafted NTFS image can cause an out-of-bounds access in ntfs_decompress in NTFS-3G < 2021.8.22.

7.8 High

CVSS3