Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
In NTFS-3G versions < 2021.8.22, when a specially crafted NTFS attribute is supplied to the function ntfs_get_attribute_value, a heap buffer overflow can occur allowing for memory disclosure or denial of service. The vulnerability is caused by an out-of-bound buffer access which can be triggered by mounting a crafted ntfs partition. The root cause is a missing consistency check after reading an MFT record : the "bytes_in_use" field should be less than the "bytes_allocated" field. When it is not, the parsing of the records proceeds into the wild.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Tuxera NTFS-3G 缓冲区错误漏洞
Vulnerability Description
Tuxera NTFS-3G是芬兰Tuxera公司的一套开源的、跨平台的用于支持NTFS分区读写的驱动程序。 NTFS-3G 存在缓冲区错误漏洞,该漏洞源于在 NTFS-3 < 2021.8.22 中,由 ntfs_inode_lookup_name 中未捕捉的属性长度引起的注意力制作的 NTFS 映像可能会触发越界访问。
CVSS Information
N/A
Vulnerability Type
N/A