PT-2021-5791 · NTFS-3G +7

Akshay Ajayan +3 · Published 2021-08-23 · Updated 2024-06-15 · CVE-2021-33285

CVSS v3.1: 7.8 High

Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions

NTFS-3G versions prior to 2021.8.22

Description

The issue is in the implementation of the `ntfs_get_attribute_value` function in the NTFS-3G file system driver. It is caused by an out-of-bounds buffer access due to a missing consistency check after reading an MFT record: the `bytes_in_use` field should be less than the `bytes_allocated` field. When a specially crafted NTFS attribute is supplied to the function, this can lead to a heap buffer overflow, allowing memory disclosure or denial of service. The vulnerability can be triggered by mounting a crafted NTFS partition.

Recommendations

For NTFS-3G versions prior to 2021.8.22, update to version 2021.8.22 or later to resolve the issue. As a temporary workaround, consider restricting access to the `ntfs_get_attribute_value` function until a patch is available. Avoid mounting crafted NTFS partitions to minimize the risk of exploitation.
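
The consistency check described above, as an added example (not NTFS-3G's own code or its patch): a validator that rejects an MFT record whose `bytes_in_use` exceeds `bytes_allocated` before any attribute is parsed. The function names, the constructed 1024-byte record and the two extra bounds checks are assumptions of this example; the field offsets follow the NTFS MFT record header layout.

```c
#include <stdint.h>
#include <stddef.h>
#include <string.h>

/* On-disk offsets of the MFT record header fields read here (little-endian). */
#define OFF_ATTRS_OFFSET    0x14u  /* u16: offset of the first attribute */
#define OFF_BYTES_IN_USE    0x18u  /* u32: bytes of the record actually used */
#define OFF_BYTES_ALLOCATED 0x1Cu  /* u32: bytes reserved for the record */
#define HDR_FIELDS_END      0x20u  /* end of the last field read above */

static uint16_t rd_le16(const uint8_t *p) { return (uint16_t)(p[0] | p[1] << 8); }
static uint32_t rd_le32(const uint8_t *p) {
    return (uint32_t)p[0] | (uint32_t)p[1] << 8 |
           (uint32_t)p[2] << 16 | (uint32_t)p[3] << 24;
}
static void wr_le32(uint8_t *p, uint32_t v) {
    p[0] = (uint8_t)v; p[1] = (uint8_t)(v >> 8);
    p[2] = (uint8_t)(v >> 16); p[3] = (uint8_t)(v >> 24);
}

/* Hypothetical validator: 0 if the header is self-consistent, -1 if not.
 * buf_len is the size of the buffer the record was read into. */
int mft_record_check(const uint8_t *rec, size_t buf_len)
{
    if (buf_len < HDR_FIELDS_END || memcmp(rec, "FILE", 4) != 0)
        return -1;
    uint32_t in_use    = rd_le32(rec + OFF_BYTES_IN_USE);
    uint32_t allocated = rd_le32(rec + OFF_BYTES_ALLOCATED);
    uint16_t attrs     = rd_le16(rec + OFF_ATTRS_OFFSET);
    if (allocated > buf_len)   /* record claims more than was read */
        return -1;
    if (in_use > allocated)    /* the check the description says was missing;
                                  equality is accepted here (assumption) */
        return -1;
    if (attrs < HDR_FIELDS_END || attrs > in_use)  /* attributes start in used area */
        return -1;
    return 0;
}

/* Builds a constructed 1024-byte record with the given sizes and checks it. */
int check_sample(uint32_t in_use, uint32_t allocated)
{
    uint8_t rec[1024] = {0};
    memcpy(rec, "FILE", 4);
    rec[OFF_ATTRS_OFFSET] = 0x38;            /* first attribute at 0x38 */
    wr_le32(rec + OFF_BYTES_IN_USE, in_use);
    wr_le32(rec + OFF_BYTES_ALLOCATED, allocated);
    return mft_record_check(rec, sizeof rec);
}
```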

Fix

DoS

Out of bounds Read

Memory Corruption

RCE


Weakness Enumeration

Related Identifiers

ALSA-2022:1759
ALT-PU-2021-2673
ALT-PU-2021-2730
ALT-PU-2021-2767
ALT-PU-2022-2244
AZL-6748
BDU:2022-00245
CESA-2022_1759
CVE-2021-33285
DLA-2819-1
DSA-4971-1
GHSA-Q759-8J5V-Q5JP
MGASA-2022-0001
OESA-2021-1365
OPENSUSE-SU-2021:1244-1
OPENSUSE-SU-2021:2971-1
OPENSUSE-SU-2021_1244-1
OPENSUSE-SU-2021_2971-1
OPENSUSE-SU-2024:11101-1
RHSA-2021:3703
RHSA-2021:3704
RHSA-2022:1759
RHSA-2022_1759
RLSA-2022:1759
SUSE-SU-2021:2965-1
SUSE-SU-2021:2971-1
USN-5060-1
USN-5060-2

Affected Products

ALT Linux
AlmaLinux
Astra Linux
CentOS
NTFS-3G
Red Hat
Rocky Linux
SUSE