PT-2022-5305 · Ntfs-3G+10 · Ntfs-3G+10

Eduardo Vela

+1

·

Published

2022-10-26

·

Updated

2024-06-15

·

CVE-2022-40284

CVSS v3.1

7.8

High

VectorAV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions NTFS-3G versions prior to 2022.10.3
Description A buffer overflow was discovered in NTFS-3G, which can be exploited by crafted metadata in an NTFS image, leading to code execution. This can be exploited by a local attacker if the ntfs-3g binary is setuid root, or by a physically proximate attacker if NTFS-3G software is configured to execute upon attachment of an external storage device. The issue is related to errors in processing metadata, allowing an attacker to execute arbitrary code.
Recommendations For NTFS-3G versions prior to 2022.10.3, update to version 2022.10.3 or later to resolve the issue. As a temporary workaround, consider disabling the execution of NTFS-3G upon attachment of an external storage device and removing setuid root permissions from the ntfs-3g binary to minimize the risk of exploitation. Restrict access to the ntfs-3g utility to prevent potential attacks.

Fix

DoS

Buffer Overflow

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Weakness Enumeration

CWE-19CWE-120

Related Identifiers

ALSA-2023:5264
ALSA-2023:6167
ALT-PU-2022-3191
ALT-PU-2022-3208
ALT-PU-2022-3230
ALT-PU-2023-1655
ALT-PU-2023-4812
AZL-11388
BDU:2022-06607
CESA-2023_5264
CVE-2022-40284
DLA-3201-1
DSA-5270-1
MGASA-2022-0408
OESA-2022-2095
OPENSUSE-SU-2022_3866-1
OPENSUSE-SU-2024:12473-1
RHSA-2023:5239
RHSA-2023:5264
RHSA-2023:5405
RHSA-2023:5587
RHSA-2023:5796
RHSA-2023:6167
RHSA-2023:6168
RHSA-2023_5264
RHSA-2023_6167
RHSA-2024:0404
SUSE-SU-2022:3865-1
SUSE-SU-2022:3866-1
SUSE-SU-2022_3865-1
USN-5711-1
USN-5711-2

Affected Products

Alt Linux
Almalinux
Astra Linux
Centos
Linuxmint
Ntfs-3G
Red Hat
Red Os
Rocky Linux
Suse
Ubuntu