Msuhanov

**Name of the Vulnerable Software and Affected Versions** AMI NTFS driver version 1.0.0 **Description** The AMI NTFS driver has a buffer overflow issue. This driver is used in certain devices, such as those from ASUS. The issue was reported and fixed by AMI in late 2021, but as of now, the fix may not be fully incorporated into supported products by downstream vendors. **Recommendations** For AMI NTFS driver version 1.0.0, update to a version that includes the fix for the buffer overflow issue, as the fix was implemented by AMI in late 2021 or early 2022.

**Name of the Vulnerable Software and Affected Versions** GRUB2 versions (affected versions not specified) **Description** An authentication bypass flaw was found in GRUB due to the way that GRUB uses the UUID of a device to search for the configuration file that contains the password hash for the GRUB password protection feature. An attacker capable of attaching an external drive such as a USB stick containing a file system with a duplicate UUID can bypass the GRUB password protection feature on UEFI systems. This issue was introduced in a downstream patch in Red Hat's version of grub2 and does not affect the upstream package. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Linux kernel versions prior to 6.5.11 Linux kernel versions through 6.8.0 **Description** The issue allows a physically proximate attacker to read kernel memory by mounting a filesystem and then leveraging local access to trigger an out-of-bounds read. A length value can be larger than the amount of memory allocated. This can occur if a Linux distribution is configured to allow unprivileged mounts of removable media. **Recommendations** For Linux kernel versions prior to 6.5.11, update to version 6.5.11 or later to resolve the issue. For Linux kernel versions through 6.8.0, consider restricting unprivileged mounts of removable media as a temporary workaround until a patch is available.

**Name of the Vulnerable Software and Affected Versions** relan exFAT version 1.3.0 **Description** The issue allows local users to obtain sensitive information, specifically data from deleted files in the filesystem, under certain conditions involving offsets beyond ValidDataLength. **Recommendations** For relan exFAT version 1.3.0, at the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** NTFS-3G versions through 2021.8.22 **Description** The issue is related to a heap-based buffer overflow in the NTFS-3G module, specifically involving the `check file record` function and the `ntfsck` tool. This overflow occurs in dynamic memory and can be exploited by a remote attacker to execute arbitrary code with elevated privileges using a specially crafted malicious NTFS file system. The `ntfsck` tool is noted to be deprecated upstream but is still shipped by some Linux distributions. **Recommendations** For NTFS-3G versions through 2021.8.22, consider disabling the `ntfsck` tool or restricting its use until a patch is available to mitigate the risk of exploitation. As a temporary workaround, avoid using the `check file record` function in the NTFS-3G module until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.