PT-2023-9789 · Ntfs-3G+5 · Ntfs-3G+5

Jeffbencteux

Publicado

2023-06-13

Atualizado

2026-04-21

CVE-2023-52890

CVSS v3.1

4.5

Média

Vetor

AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L

Name of the Vulnerable Software and Affected Versions NTFS-3G versions before 75dcdc2

Description The issue is related to a use-after-free error in the ntfs uppercase mbs function in libntfs-3g/unistr.c. This could potentially allow an attacker to cause a crash. However, discussions suggest that exploiting this issue would be challenging.

Recommendations For NTFS-3G versions before 75dcdc2, update to a version after 75dcdc2 to resolve the issue. As a temporary workaround, consider restricting access to the ntfs uppercase mbs function until a patch is available.

Correção

Use After Free

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-416

Identificadores relacionados

AZL-42652

AZL-42667

BDU:2024-11076

CVE-2023-52890

MGASA-2024-0284

OESA-2024-1739

OPENSUSE-SU-2024:14046-1

OPENSUSE-SU-2024_2187-1

SUSE-SU-2024:2074-1

SUSE-SU-2024:2187-1

SUSE-SU-2024_2074-1

SUSE-SU-2024_2187-1

USN-8192-1

Produtos afetados

Astra Linux

Linuxmint

Ntfs-3G

Red Os

Suse

Ubuntu

PT-2023-9789 · Ntfs-3G+5 · Ntfs-3G+5

CVE-2023-52890

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 35