CVE-2022-30788

Опубликовано: 26 мая 2022

Источник: redhat

CVSS3: 7.8

EPSS Низкий

Описание

A crafted NTFS image can cause a heap-based buffer overflow in ntfs_mft_rec_alloc in NTFS-3G through 2021.8.22.

A vulnerability was found in NTFS-3G. Incorrect validation of NTFS metadata can result in a heap-based buffer overflow when processing a crafted NTFS image file or partition.

Затронутые пакеты

Платформа	Пакет	Состояние	Рекомендация	Релиз
Red Hat Enterprise Linux 7	libguestfs-winsupport	Out of support scope
Red Hat Enterprise Linux 8 Advanced Virtualization	virt:8.2/libguestfs-winsupport	Will not fix
Red Hat Enterprise Linux 8 Advanced Virtualization	virt:av/libguestfs-winsupport	Will not fix
Red Hat Enterprise Linux 8 Advanced Virtualization	virt-devel:8.2/libguestfs-winsupport	Will not fix
Red Hat Enterprise Linux 8 Advanced Virtualization	virt-devel:av/libguestfs-winsupport	Will not fix
Red Hat Enterprise Linux 8	virt-devel	Fixed	RHSA-2023:2757	16.05.2023
Red Hat Enterprise Linux 8	virt	Fixed	RHSA-2023:2757	16.05.2023
Red Hat Enterprise Linux 9	libguestfs-winsupport	Fixed	RHSA-2023:2179	09.05.2023

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Moderate

Дефект:

CWE-122

Дефект:

CWE-787

https://bugzilla.redhat.com/show_bug.cgi?id=2093340ntfs-3g: crafted NTFS image can cause a heap-based buffer overflow in ntfs_mft_rec_alloc

EPSS

Процентиль: 8%

0.00034

Низкий

7.8 High

CVSS3

Связанные уязвимости

CVE-2022-30788

CVSS3: 7.8

ubuntu

около 3 лет назад

A crafted NTFS image can cause a heap-based buffer overflow in ntfs_mft_rec_alloc in NTFS-3G through 2021.8.22.

CVE-2022-30788

CVSS3: 7.8

nvd

около 3 лет назад

A crafted NTFS image can cause a heap-based buffer overflow in ntfs_mft_rec_alloc in NTFS-3G through 2021.8.22.

CVE-2022-30788

CVSS3: 7.8

msrc

около 3 лет назад

Описание отсутствует

CVE-2022-30788

CVSS3: 7.8

debian

около 3 лет назад

A crafted NTFS image can cause a heap-based buffer overflow in ntfs_mf ...

GHSA-cq26-r6qj-8656

CVSS3: 6.8

github

около 3 лет назад

A crafted NTFS image can cause a heap-based buffer overflow in ntfs_mft_rec_alloc in NTFS-3G through 2021.8.22.

EPSS

Процентиль: 8%

0.00034

Низкий

7.8 High

CVSS3