[Bug 2093326] New: CVE-2022-30786 ntfs-3g: crafted NTFS image can cause a heap-based buffer overflow in ntfs_names_full_collate
https://bugzilla.redhat.com/show_bug.cgi?id=2093326
Bug ID: 2093326 Summary: CVE-2022-30786 ntfs-3g: crafted NTFS image can cause a heap-based buffer overflow in ntfs_names_full_collate Product: Security Response Hardware: All OS: Linux Status: NEW Component: vulnerability Keywords: Security Severity: medium Priority: medium Assignee: security-response-team@redhat.com Reporter: gsuckevi@redhat.com CC: ddepaula@redhat.com, epel-packagers-sig@lists.fedoraproject.org, jferlan@redhat.com, kparal@redhat.com, ngompa13@gmail.com, rjones@redhat.com, spotrh@gmail.com, virt-maint@redhat.com Target Milestone: --- Classification: Other
A crafted NTFS image can cause a heap-based buffer overflow in ntfs_names_full_collate in NTFS-3G through 2021.8.22.
References: https://github.com/tuxera/ntfs-3g/security/advisories/GHSA-xchm-ph5h-hw4x https://github.com/tuxera/ntfs-3g/releases
https://bugzilla.redhat.com/show_bug.cgi?id=2093326
Guilherme de Almeida Suckevicz gsuckevi@redhat.com changed:
What |Removed |Added ---------------------------------------------------------------------------- Depends On| |2093331, 2093328, 2093327, | |2093329, 2093330
Referenced Bugs:
https://bugzilla.redhat.com/show_bug.cgi?id=2093327 [Bug 2093327] CVE-2022-30786 ntfs-3g-system-compression: ntfs-3g: crafted NTFS image can cause a heap-based buffer overflow in ntfs_names_full_collate [epel-all] https://bugzilla.redhat.com/show_bug.cgi?id=2093328 [Bug 2093328] CVE-2022-30786 ntfs-3g: crafted NTFS image can cause a heap-based buffer overflow in ntfs_names_full_collate [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2093329 [Bug 2093329] CVE-2022-30786 ntfs2btrfs: ntfs-3g: crafted NTFS image can cause a heap-based buffer overflow in ntfs_names_full_collate [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2093330 [Bug 2093330] CVE-2022-30786 ntfs-3g: crafted NTFS image can cause a heap-based buffer overflow in ntfs_names_full_collate [epel-all] https://bugzilla.redhat.com/show_bug.cgi?id=2093331 [Bug 2093331] CVE-2022-30786 ntfs-3g-system-compression: ntfs-3g: crafted NTFS image can cause a heap-based buffer overflow in ntfs_names_full_collate [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=2093326
--- Comment #1 from Guilherme de Almeida Suckevicz gsuckevi@redhat.com --- Created ntfs-3g tracking bugs for this issue:
Affects: epel-all [bug 2093330] Affects: fedora-all [bug 2093328]
Created ntfs-3g-system-compression tracking bugs for this issue:
Affects: epel-all [bug 2093327] Affects: fedora-all [bug 2093331]
Created ntfs2btrfs tracking bugs for this issue:
Affects: fedora-all [bug 2093329]
https://bugzilla.redhat.com/show_bug.cgi?id=2093326
Guilherme de Almeida Suckevicz gsuckevi@redhat.com changed:
What |Removed |Added ---------------------------------------------------------------------------- Blocks| |2093356
https://bugzilla.redhat.com/show_bug.cgi?id=2093326 Bug 2093326 depends on bug 2093328, which changed state.
Bug 2093328 Summary: CVE-2022-30786 ntfs-3g: crafted NTFS image can cause a heap-based buffer overflow in ntfs_names_full_collate [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2093328
What |Removed |Added ---------------------------------------------------------------------------- Status|ON_QA |CLOSED Resolution|--- |ERRATA
https://bugzilla.redhat.com/show_bug.cgi?id=2093326 Bug 2093326 depends on bug 2093331, which changed state.
Bug 2093331 Summary: CVE-2022-30786 ntfs-3g-system-compression: ntfs-3g: crafted NTFS image can cause a heap-based buffer overflow in ntfs_names_full_collate [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2093331
What |Removed |Added ---------------------------------------------------------------------------- Status|ON_QA |CLOSED Resolution|--- |ERRATA
https://bugzilla.redhat.com/show_bug.cgi?id=2093326 Bug 2093326 depends on bug 2093330, which changed state.
Bug 2093330 Summary: CVE-2022-30786 ntfs-3g: crafted NTFS image can cause a heap-based buffer overflow in ntfs_names_full_collate [epel-all] https://bugzilla.redhat.com/show_bug.cgi?id=2093330
What |Removed |Added ---------------------------------------------------------------------------- Status|ON_QA |CLOSED Resolution|--- |ERRATA
https://bugzilla.redhat.com/show_bug.cgi?id=2093326
--- Doc Text *updated* by Guilherme de Almeida Suckevicz gsuckevi@redhat.com --- A vulnerability was found in NTFS-3G. Incorrect validation of NTFS metadata can result in a heap-based buffer overflow when processing a crafted NTFS image file or partition.
https://bugzilla.redhat.com/show_bug.cgi?id=2093326
Guilherme de Almeida Suckevicz gsuckevi@redhat.com changed:
What |Removed |Added ---------------------------------------------------------------------------- Fixed In Version| |ntfs-3g 2022.5.17
https://bugzilla.redhat.com/show_bug.cgi?id=2093326
Guilherme de Almeida Suckevicz gsuckevi@redhat.com changed:
What |Removed |Added ---------------------------------------------------------------------------- Depends On| |2127243, 2127241, 2127246, | |2127242, 2127244, 2127240, | |2127245
https://bugzilla.redhat.com/show_bug.cgi?id=2093326 Bug 2093326 depends on bug 2093329, which changed state.
Bug 2093329 Summary: CVE-2022-30786 ntfs2btrfs: ntfs-3g: crafted NTFS image can cause a heap-based buffer overflow in ntfs_names_full_collate [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2093329
What |Removed |Added ---------------------------------------------------------------------------- Status|NEW |CLOSED Resolution|--- |NOTABUG
https://bugzilla.redhat.com/show_bug.cgi?id=2093326
--- Comment #3 from errata-xmlrpc errata-xmlrpc@redhat.com --- This issue has been addressed in the following products:
Red Hat Enterprise Linux 9
Via RHSA-2023:2179 https://access.redhat.com/errata/RHSA-2023:2179
https://bugzilla.redhat.com/show_bug.cgi?id=2093326
errata-xmlrpc errata-xmlrpc@redhat.com changed:
What |Removed |Added ---------------------------------------------------------------------------- Link ID| |Red Hat Product Errata | |RHSA-2023:2179
https://bugzilla.redhat.com/show_bug.cgi?id=2093326
--- Comment #4 from errata-xmlrpc errata-xmlrpc@redhat.com --- This issue has been addressed in the following products:
Red Hat Enterprise Linux 8
Via RHSA-2023:2757 https://access.redhat.com/errata/RHSA-2023:2757
https://bugzilla.redhat.com/show_bug.cgi?id=2093326
errata-xmlrpc errata-xmlrpc@redhat.com changed:
What |Removed |Added ---------------------------------------------------------------------------- Link ID| |Red Hat Product Errata | |RHSA-2023:2757
https://bugzilla.redhat.com/show_bug.cgi?id=2093326
--- Comment #5 from Product Security DevOps Team prodsec-dev@redhat.com --- This bug is now closed. Further updates for individual products will be reflected on the CVE page(s):
https://access.redhat.com/security/cve/cve-2022-30786
https://bugzilla.redhat.com/show_bug.cgi?id=2093326
Product Security DevOps Team prodsec-dev@redhat.com changed:
What |Removed |Added ---------------------------------------------------------------------------- Status|NEW |CLOSED Resolution|--- |ERRATA Last Closed| |2023-05-17 01:12:23
epel-packagers-sig@lists.fedoraproject.org
-
bugzilla@redhat.com