Описание
A buffer overflow was discovered in NTFS-3G before 2022.10.3. Crafted metadata in an NTFS image can cause code execution. A local attacker can exploit this if the ntfs-3g binary is setuid root. A physically proximate attacker can exploit this if NTFS-3G software is configured to execute upon attachment of an external storage device.
A buffer overflow flaw was found in NTFS-3G. This issue occurs via a crafted metadata in an NTFS image that can cause code execution. A local attacker can exploit this issue if the NTFS-3G binary is setuid root. A physically proximate attacker can exploit this issue if the NTFS-3G software is configured to execute upon attachment of an external storage device.
Also this vulnerability may allow an attacker using a maliciously crafted NTFS-formatted image file or external storage to potentially execute arbitrary privileged code, if the attacker has either local access and the ntfs-3g binary is setuid root, or if the attacker has physical access to an external port to a computer which is configured to run the ntfs-3g binary or one of the ntfsprogs tools when the external storage is plugged into the computer. This vulnerability results from incorrect validation of some of the NTFS metadata that could potentially cause buffer overflow, which could be exploited by an attacker.
Отчет
This flaw has a lower impact on Red Hat Enterprise Linux because the ntfs-3g tool is run in a supermin appliance, which is similar to a virtual machine instantiated on the fly, and it does not have the SUID bit set. Thus an attacker is very limited on what he can do to the vulnerable system.
Меры по смягчению последствий
Mitigation for this issue is either not available or the currently available options don't meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat Enterprise Linux 7 | libguestfs-winsupport | Out of support scope | ||
| Red Hat Enterprise Linux 8 Advanced Virtualization | virt:av/libguestfs-winsupport | Affected | ||
| Red Hat Enterprise Linux 8 Advanced Virtualization | virt-devel:av/libguestfs-winsupport | Affected | ||
| Advanced Virtualization for RHEL 8.4.0.EUS | virt | Fixed | RHSA-2023:5405 | 28.09.2023 |
| Advanced Virtualization for RHEL 8.4.0.EUS | virt-devel | Fixed | RHSA-2023:5405 | 28.09.2023 |
| Red Hat Enterprise Linux 8 | virt-devel | Fixed | RHSA-2023:5264 | 19.09.2023 |
| Red Hat Enterprise Linux 8 | virt | Fixed | RHSA-2023:5264 | 19.09.2023 |
| Red Hat Enterprise Linux 8.1 Update Services for SAP Solutions | virt | Fixed | RHSA-2023:5239 | 19.09.2023 |
| Red Hat Enterprise Linux 8.2 Advanced Update Support | virt | Fixed | RHSA-2023:5587 | 10.10.2023 |
| Red Hat Enterprise Linux 8.2 Telecommunications Update Service | virt | Fixed | RHSA-2023:5587 | 10.10.2023 |
Показывать по
Дополнительная информация
Статус:
EPSS
3.3 Low
CVSS3
Связанные уязвимости
A buffer overflow was discovered in NTFS-3G before 2022.10.3. Crafted metadata in an NTFS image can cause code execution. A local attacker can exploit this if the ntfs-3g binary is setuid root. A physically proximate attacker can exploit this if NTFS-3G software is configured to execute upon attachment of an external storage device.
A buffer overflow was discovered in NTFS-3G before 2022.10.3. Crafted metadata in an NTFS image can cause code execution. A local attacker can exploit this if the ntfs-3g binary is setuid root. A physically proximate attacker can exploit this if NTFS-3G software is configured to execute upon attachment of an external storage device.
A buffer overflow was discovered in NTFS-3G before 2022.10.3. Crafted ...
EPSS
3.3 Low
CVSS3