CVSS: 7.8EPSS: 0%CPEs: 6EXPL: 0CVE-2021-35267 – ntfs-3g: Stack buffer overflow triggered when correcting differences between MFT and MFTMirror sections
https://notcve.org/view.php?id=CVE-2021-35267
07 Sep 2021 — NTFS-3G versions < 2021.8.22, a stack buffer overflow can occur when correcting differences in the MFT and MFTMirror allowing for code execution or escalation of privileges when setuid-root. NTFS-3G versiones anteriores a 2021.8.22, puede ocurrir un desbordamiento del búfer de la pila cuando son corregidas las diferencias en el MFT y el MFTMirror, permitiendo una ejecución de código o una escalada de privilegios cuando es setuid-root The ntfs3g package is susceptible to a stack overflow. When correcting dif... • http://ntfs-3g.com • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 6EXPL: 0CVE-2021-35268 – ntfs-3g: Heap buffer overflow in ntfs_inode_real_open() triggered by a specially crafted NTFS inode
https://notcve.org/view.php?id=CVE-2021-35268
07 Sep 2021 — In NTFS-3G versions < 2021.8.22, when a specially crafted NTFS inode is loaded in the function ntfs_inode_real_open, a heap buffer overflow can occur allowing for code execution and escalation of privileges. En NTFS-3G versiones anteriores a 2021.8.22, cuando es cargado un inodo NTFS especialmente diseñado en la función ntfs_inode_real_open, puede ocurrir un desbordamiento del búfer de la pila, permitiendo una ejecución de código y una escalada de privilegios The ntfs3g package is susceptible to a heap over... • http://ntfs-3g.com • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 6EXPL: 0CVE-2021-35269 – ntfs-3g: Heap buffer overflow in ntfs_attr_setup_flag() triggered by a specially crafted NTFS attribute from MFT
https://notcve.org/view.php?id=CVE-2021-35269
07 Sep 2021 — NTFS-3G versions < 2021.8.22, when a specially crafted NTFS attribute from the MFT is setup in the function ntfs_attr_setup_flag, a heap buffer overflow can occur allowing for code execution and escalation of privileges. NTFS-3G versiones anteriores a 2021.8.22, cuando un atributo NTFS especialmente diseñado de la MFT es configurado en la función ntfs_attr_setup_flag, un desbordamiento de búfer de la pila puede ocurrir permitiendo una ejecución de código y una escalada de privilegios The ntfs3g package is s... • http://ntfs-3g.com • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 10EXPL: 0CVE-2021-33285 – ntfs-3g: Out-of-bounds heap buffer access in ntfs_get_attribute_value() due to incorrect check of bytes_in_use value in MFT records
https://notcve.org/view.php?id=CVE-2021-33285
07 Sep 2021 — In NTFS-3G versions < 2021.8.22, when a specially crafted NTFS attribute is supplied to the function ntfs_get_attribute_value, a heap buffer overflow can occur allowing for memory disclosure or denial of service. The vulnerability is caused by an out-of-bound buffer access which can be triggered by mounting a crafted ntfs partition. The root cause is a missing consistency check after reading an MFT record : the "bytes_in_use" field should be less than the "bytes_allocated" field. When it is not, the parsing... • http://www.openwall.com/lists/oss-security/2021/08/30/1 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 0CVE-2021-33286 – ntfs-3g: Heap buffer overflow triggered by a specially crafted Unicode string
https://notcve.org/view.php?id=CVE-2021-33286
07 Sep 2021 — In NTFS-3G versions < 2021.8.22, when a specially crafted unicode string is supplied in an NTFS image a heap buffer overflow can occur and allow for code execution. En NTFS-3G versiones anteriores a 2021.8.22, cuando se suministra una cadena unicode especialmente diseñada en una imagen NTFS puede ocurrir un desbordamiento del búfer de la pila y permitir la ejecución de código The ntfs3g package is susceptible to a heap overflow on crafted unicode input. When processing NTFS unicode input, proper bounds chec... • http://ntfs-3g.com • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 6EXPL: 0CVE-2021-33287 – ntfs-3g: Heap buffer overflow in ntfs_attr_pread_i() triggered by specially crafted NTFS attributes
https://notcve.org/view.php?id=CVE-2021-33287
07 Sep 2021 — In NTFS-3G versions < 2021.8.22, when specially crafted NTFS attributes are read in the function ntfs_attr_pread_i, a heap buffer overflow can occur and allow for writing to arbitrary memory or denial of service of the application. En NTFS-3G versiones anteriores a 2021.8.22, cuando se leen atributos NTFS especialmente diseñados en la función ntfs_attr_pread_i, puede ocurrir un desbordamiento del búfer de la pila y permitir la escritura en memoria arbitraria o la denegación de servicio de la aplicación The ... • http://ntfs-3g.com • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 6EXPL: 0CVE-2021-33289 – ntfs-3g: Heap buffer overflow triggered by a specially crafted MFT section
https://notcve.org/view.php?id=CVE-2021-33289
07 Sep 2021 — In NTFS-3G versions < 2021.8.22, when a specially crafted MFT section is supplied in an NTFS image a heap buffer overflow can occur and allow for code execution. En NTFS-3G versiones anteriores a 2021.8.22, cuando se suministra una sección MFT especialmente manipulada en una imagen NTFS, puede producirse un desbordamiento del búfer de la pila y permitir la ejecución de código The ntfs3g package is susceptible to a heap overflow on crafted input. When processing the MFT, proper bounds checking was not enforc... • http://ntfs-3g.com • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 9EXPL: 0CVE-2021-39251 – ntfs-3g: NULL pointer dereference in ntfs_extent_inode_open()
https://notcve.org/view.php?id=CVE-2021-39251
07 Sep 2021 — A crafted NTFS image can cause a NULL pointer dereference in ntfs_extent_inode_open in NTFS-3G < 2021.8.22. Una imagen NTFS diseñada puede causar una desreferencia de puntero NULL en la función ntfs_extent_inode_open en NTFS-3G versiones anteriores a 2021.8.22 The ntfs3g package is susceptible to an input validation attack. When processing a crafted NTFS image there is an improper check. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability. Kernel-based... • http://www.openwall.com/lists/oss-security/2021/08/30/1 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-476: NULL Pointer Dereference •
CVSS: 7.8EPSS: 0%CPEs: 6EXPL: 0CVE-2021-39252 – ntfs-3g: Out-of-bounds read in ntfs_ie_lookup()
https://notcve.org/view.php?id=CVE-2021-39252
07 Sep 2021 — A crafted NTFS image can cause an out-of-bounds read in ntfs_ie_lookup in NTFS-3G < 2021.8.22. Una imagen NTFS diseñada puede causar una lectura fuera de los límites en la función ntfs_ie_lookup en NTFS-3G versiones anteriores a 2021.8.22 The ntfs3g package is susceptible to an input validation flaw. When processing a crafted NTFS image there is an improper check which leads to an out of bounds read. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability.... • https://github.com/tuxera/ntfs-3g/releases • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-125: Out-of-bounds Read •
CVSS: 7.8EPSS: 0%CPEs: 6EXPL: 0CVE-2021-39253 – ntfs-3g: Out-of-bounds read in ntfs_runlists_merge_i()
https://notcve.org/view.php?id=CVE-2021-39253
07 Sep 2021 — A crafted NTFS image can cause an out-of-bounds read in ntfs_runlists_merge_i in NTFS-3G < 2021.8.22. Una imagen NTFS diseñada puede causar una lectura fuera de límites en la función ntfs_runlists_merge_i en NTFS-3G versiones anteriores a 2021.8.22 The ntfs3g package is susceptible to an input validation flaw. When processing a crafted NTFS image there is an improper check which leads to an out of bounds read. The highest threat from this vulnerability is to confidentiality, integrity, as well as system ava... • https://github.com/tuxera/ntfs-3g/releases • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-125: Out-of-bounds Read •