Описание
A file handle created in fuse_lib_opendir, and later used in fuse_lib_readdir, enables arbitrary memory read and write operations in NTFS-3G through 2021.8.22 when using libfuse-lite.
A vulnerability was found in NTFS-3G. A file handle created in fuse_lib_opendir and later used in fuse_lib_readdir allows out-of-bounds read/write operations.
Отчет
The package libguestfs-winsupport, as shipped with Red Hat Enterprise Linux, is not affected by this vulnerability as it does not use the internal libfuse, known as libfuse-lite or libfuse2.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat Enterprise Linux 7 | libguestfs-winsupport | Out of support scope | ||
| Red Hat Enterprise Linux 8 | virt:rhel/libguestfs-winsupport | Not affected | ||
| Red Hat Enterprise Linux 8 Advanced Virtualization | virt:8.2/libguestfs-winsupport | Not affected | ||
| Red Hat Enterprise Linux 8 Advanced Virtualization | virt:av/libguestfs-winsupport | Not affected | ||
| Red Hat Enterprise Linux 8 Advanced Virtualization | virt-devel:8.2/libguestfs-winsupport | Not affected | ||
| Red Hat Enterprise Linux 8 Advanced Virtualization | virt-devel:av/libguestfs-winsupport | Not affected | ||
| Red Hat Enterprise Linux 9 | libguestfs-winsupport | Not affected |
Показывать по
Дополнительная информация
Статус:
6.7 Medium
CVSS3
Связанные уязвимости
A file handle created in fuse_lib_opendir, and later used in fuse_lib_readdir, enables arbitrary memory read and write operations in NTFS-3G through 2021.8.22 when using libfuse-lite.
A file handle created in fuse_lib_opendir, and later used in fuse_lib_readdir, enables arbitrary memory read and write operations in NTFS-3G through 2021.8.22 when using libfuse-lite.
A file handle created in fuse_lib_opendir, and later used in fuse_lib_ ...
A file handle created in fuse_lib_opendir, and later used in fuse_lib_readdir, enables arbitrary memory read and write operations in NTFS-3G through 2021.8.22 when using libfuse-lite.
6.7 Medium
CVSS3