PT-2022-3245 · Ntfs-3G+6 · Ntfs-3G+6

Roman Fiedler

·

Published

2022-05-16

·

Updated

2024-04-03

·

CVE-2022-30785

CVSS v2.0

7.2

High

VectorAV:L/AC:L/Au:N/C:C/I:C/A:C
Name of the Vulnerable Software and Affected Versions NTFS-3G versions through 2021.8.22
Description The issue is related to a buffer overflow vulnerability in the NTFS file system descriptor for the FUSE NTFS-3G module, allowing arbitrary memory read and write operations. This can be exploited by an attacker to execute arbitrary code with elevated privileges using a specially crafted request. A file handle created in fuse lib opendir and later used in fuse lib readdir enables these operations when using libfuse-lite.
Recommendations For NTFS-3G versions through 2021.8.22, consider disabling the fuse lib readdir function when using libfuse-lite until a patch is available to prevent arbitrary memory read and write operations. Restrict access to the fuse lib opendir function to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Out of bounds Read

Code Injection

Memory Corruption

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Weakness Enumeration

CWE-125CWE-94CWE-787

Related Identifiers

ALT-PU-2022-3191
ALT-PU-2022-3208
ALT-PU-2022-3230
ALT-PU-2023-1655
ALT-PU-2023-4812
AZL-9848
BDU:2022-03951
CVE-2022-30785
DLA-3055-1
DSA-5160-1
GHSA-6MV4-4V73-XW58
MGASA-2022-0385
OESA-2022-1685
OPENSUSE-SU-2022_2835-1
SUSE-SU-2022:2835-1
SUSE-SU-2022:2836-1
USN-5463-1
USN-5463-2

Affected Products

Alt Linux
Astra Linux
Linuxmint
Ntfs-3G
Red Os
Suse
Ubuntu