[Epel-packagers-sig] [Bug 2093340] New: CVE-2022-30788 ntfs-3g: crafted NTFS image can cause a heap-based buffer overflow in ntfs_mft_rec_alloc

3 Jun 2022


      https://bugzilla.redhat.com/show_bug.cgi?id=2093340
Bug ID: 2093340
           Summary: CVE-2022-30788 ntfs-3g: crafted NTFS image can cause a
                    heap-based buffer overflow in ntfs_mft_rec_alloc
           Product: Security Response
          Hardware: All
                OS: Linux
            Status: NEW
         Component: vulnerability
          Keywords: Security
          Severity: medium
          Priority: medium
          Assignee: security-response-team@redhat.com
          Reporter: gsuckevi@redhat.com
                CC: ddepaula@redhat.com,
                    epel-packagers-sig@lists.fedoraproject.org,
                    jferlan@redhat.com, kparal@redhat.com,
                    ngompa13@gmail.com, rjones@redhat.com,
                    spotrh@gmail.com, virt-maint@redhat.com
  Target Milestone: ---
    Classification: Other
A crafted NTFS image can cause a heap-based buffer overflow in
ntfs_mft_rec_alloc in NTFS-3G through 2021.8.22.
References:
https://github.com/tuxera/ntfs-3g/security/advisories/GHSA-xchm-ph5h-hw4x
https://github.com/tuxera/ntfs-3g/releases
-- 
You are receiving this mail because:
You are on the CC list for the bug.
https://bugzilla.redhat.com/show_bug.cgi?id=2093340

2025

2024

2023

2022

2021

[Epel-packagers-sig] [Bug 2093340] New: CVE-2022-30788 ntfs-3g: crafted NTFS image can cause a heap-based buffer overflow in ntfs_mft_rec_alloc