Количество 12
Количество 12
BDU:2022-00245
Уязвимость реализации функции ntfs_get_attribute_value драйвера файловой системы NTFS для модуля FUSE NTFS-3G, позволяющая нарушителю получить несанкционированный доступ к защищаемой информации или вызвать отказ в обслуживании
CVE-2021-33285
In NTFS-3G versions < 2021.8.22, when a specially crafted NTFS attribute is supplied to the function ntfs_get_attribute_value, a heap buffer overflow can occur allowing for memory disclosure or denial of service. The vulnerability is caused by an out-of-bound buffer access which can be triggered by mounting a crafted ntfs partition. The root cause is a missing consistency check after reading an MFT record : the "bytes_in_use" field should be less than the "bytes_allocated" field. When it is not, the parsing of the records proceeds into the wild.
CVE-2021-33285
In NTFS-3G versions < 2021.8.22, when a specially crafted NTFS attribute is supplied to the function ntfs_get_attribute_value, a heap buffer overflow can occur allowing for memory disclosure or denial of service. The vulnerability is caused by an out-of-bound buffer access which can be triggered by mounting a crafted ntfs partition. The root cause is a missing consistency check after reading an MFT record : the "bytes_in_use" field should be less than the "bytes_allocated" field. When it is not, the parsing of the records proceeds into the wild.
CVE-2021-33285
In NTFS-3G versions < 2021.8.22, when a specially crafted NTFS attribute is supplied to the function ntfs_get_attribute_value, a heap buffer overflow can occur allowing for memory disclosure or denial of service. The vulnerability is caused by an out-of-bound buffer access which can be triggered by mounting a crafted ntfs partition. The root cause is a missing consistency check after reading an MFT record : the "bytes_in_use" field should be less than the "bytes_allocated" field. When it is not, the parsing of the records proceeds into the wild.
CVE-2021-33285
CVE-2021-33285
In NTFS-3G versions < 2021.8.22, when a specially crafted NTFS attribu ...
openSUSE-SU-2021:2971-1
Security update for ntfs-3g_ntfsprogs
openSUSE-SU-2021:1244-1
Security update for ntfs-3g_ntfsprogs
SUSE-SU-2021:2971-1
Security update for ntfs-3g_ntfsprogs
SUSE-SU-2021:2965-1
Security update for ntfs-3g_ntfsprogs
RLSA-2022:1759
Moderate: virt:rhel and virt-devel:rhel security, bug fix, and enhancement update
ELSA-2022-1759
ELSA-2022-1759: virt:ol and virt-devel:ol security, bug fix, and enhancement update (MODERATE)
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | BDU:2022-00245 Уязвимость реализации функции ntfs_get_attribute_value драйвера файловой системы NTFS для модуля FUSE NTFS-3G, позволяющая нарушителю получить несанкционированный доступ к защищаемой информации или вызвать отказ в обслуживании | CVSS3: 7.8 | 0% Низкий | почти 4 года назад |
 | CVE-2021-33285 In NTFS-3G versions < 2021.8.22, when a specially crafted NTFS attribute is supplied to the function ntfs_get_attribute_value, a heap buffer overflow can occur allowing for memory disclosure or denial of service. The vulnerability is caused by an out-of-bound buffer access which can be triggered by mounting a crafted ntfs partition. The root cause is a missing consistency check after reading an MFT record : the "bytes_in_use" field should be less than the "bytes_allocated" field. When it is not, the parsing of the records proceeds into the wild. | CVSS3: 7.8 | 0% Низкий | почти 4 года назад |
 | CVE-2021-33285 In NTFS-3G versions < 2021.8.22, when a specially crafted NTFS attribute is supplied to the function ntfs_get_attribute_value, a heap buffer overflow can occur allowing for memory disclosure or denial of service. The vulnerability is caused by an out-of-bound buffer access which can be triggered by mounting a crafted ntfs partition. The root cause is a missing consistency check after reading an MFT record : the "bytes_in_use" field should be less than the "bytes_allocated" field. When it is not, the parsing of the records proceeds into the wild. | CVSS3: 7.8 | 0% Низкий | почти 4 года назад |
 | CVE-2021-33285 In NTFS-3G versions < 2021.8.22, when a specially crafted NTFS attribute is supplied to the function ntfs_get_attribute_value, a heap buffer overflow can occur allowing for memory disclosure or denial of service. The vulnerability is caused by an out-of-bound buffer access which can be triggered by mounting a crafted ntfs partition. The root cause is a missing consistency check after reading an MFT record : the "bytes_in_use" field should be less than the "bytes_allocated" field. When it is not, the parsing of the records proceeds into the wild. | CVSS3: 7.8 | 0% Низкий | почти 4 года назад |
 | CVSS3: 7.8 | 0% Низкий | больше 3 лет назад | |
| CVE-2021-33285 In NTFS-3G versions < 2021.8.22, when a specially crafted NTFS attribu ... | CVSS3: 7.8 | 0% Низкий | почти 4 года назад |
 | openSUSE-SU-2021:2971-1 Security update for ntfs-3g_ntfsprogs | почти 4 года назад | ||
| openSUSE-SU-2021:1244-1 Security update for ntfs-3g_ntfsprogs | почти 4 года назад | ||
| SUSE-SU-2021:2971-1 Security update for ntfs-3g_ntfsprogs | почти 4 года назад | ||
| SUSE-SU-2021:2965-1 Security update for ntfs-3g_ntfsprogs | почти 4 года назад | ||
 | RLSA-2022:1759 Moderate: virt:rhel and virt-devel:rhel security, bug fix, and enhancement update | около 3 лет назад | ||
| ELSA-2022-1759 ELSA-2022-1759: virt:ol and virt-devel:ol security, bug fix, and enhancement update (MODERATE) | около 3 лет назад |
Уязвимостей на страницу