Описание
Security update for ntfs-3g_ntfsprogs
This update for ntfs-3g_ntfsprogs fixes the following issues:
- CVE-2023-52890: Fixed use-after-free in 'ntfs_uppercase_mbs' in unistr.c (bsc#1226007).
Список пакетов
SUSE Linux Enterprise Software Development Kit 12 SP5
libntfs-3g-devel-2022.5.17-5.20.1
libntfs-3g84-2022.5.17-5.20.1
SUSE Linux Enterprise Workstation Extension 12 SP5
libntfs-3g84-2022.5.17-5.20.1
ntfs-3g-2022.5.17-5.20.1
ntfsprogs-2022.5.17-5.20.1
Ссылки
- Link for SUSE-SU-2024:2074-1
- E-Mail link for SUSE-SU-2024:2074-1
- SUSE Security Ratings
- SUSE Bug 1226007
- SUSE CVE CVE-2023-52890 page
Описание
NTFS-3G before 75dcdc2 has a use-after-free in ntfs_uppercase_mbs in libntfs-3g/unistr.c. NOTE: discussion suggests that exploitation would be challenging.
Затронутые продукты
SUSE Linux Enterprise Software Development Kit 12 SP5:libntfs-3g-devel-2022.5.17-5.20.1
SUSE Linux Enterprise Software Development Kit 12 SP5:libntfs-3g84-2022.5.17-5.20.1
SUSE Linux Enterprise Workstation Extension 12 SP5:libntfs-3g84-2022.5.17-5.20.1
SUSE Linux Enterprise Workstation Extension 12 SP5:ntfs-3g-2022.5.17-5.20.1
Ссылки
- CVE-2023-52890
- SUSE Bug 1226007