Описание
An invalid return code in fuse_kern_mount enables intercepting of libfuse-lite protocol traffic between NTFS-3G and the kernel in NTFS-3G through 2021.8.22 when using libfuse-lite.
A vulnerability was found in NTFS-3G. An invalid return code in fuse_kern_mount allows libfuse-lite protocol traffic between NTFS-3G and the kernel to be intercepted.
Отчет
The package libguestfs-winsupport, as shipped with Red Hat Enterprise Linux is not affected by this vulnerability as it does not use the internal libfuse, known as libfuse-lite or libfuse2.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat Enterprise Linux 7 | libguestfs-winsupport | Out of support scope | ||
| Red Hat Enterprise Linux 8 | virt:rhel/libguestfs-winsupport | Not affected | ||
| Red Hat Enterprise Linux 8 Advanced Virtualization | virt:8.2/libguestfs-winsupport | Not affected | ||
| Red Hat Enterprise Linux 8 Advanced Virtualization | virt:av/libguestfs-winsupport | Not affected | ||
| Red Hat Enterprise Linux 8 Advanced Virtualization | virt-devel:8.2/libguestfs-winsupport | Not affected | ||
| Red Hat Enterprise Linux 8 Advanced Virtualization | virt-devel:av/libguestfs-winsupport | Not affected | ||
| Red Hat Enterprise Linux 9 | libguestfs-winsupport | Not affected |
Показывать по
Дополнительная информация
Статус:
6.7 Medium
CVSS3
Связанные уязвимости
An invalid return code in fuse_kern_mount enables intercepting of libfuse-lite protocol traffic between NTFS-3G and the kernel in NTFS-3G through 2021.8.22 when using libfuse-lite.
An invalid return code in fuse_kern_mount enables intercepting of libfuse-lite protocol traffic between NTFS-3G and the kernel in NTFS-3G through 2021.8.22 when using libfuse-lite.
An invalid return code in fuse_kern_mount enables intercepting of libf ...
An invalid return code in fuse_kern_mount enables intercepting of libfuse-lite protocol traffic between NTFS-3G and the kernel in NTFS-3G through 2021.8.22 when using libfuse-lite.
6.7 Medium
CVSS3