Home/Product/tuxera ntfs 3g
Product

tuxera ntfs 3g

33 known vulnerabilities across versions
Vulnerabilities are listed by affected version. Select any CVE for the full briefing and its intelligence graph.
CVE-2022-40284
< 2022.10.3
A buffer overflow was discovered in NTFS-3G before 2022.10.3. Crafted metadata in an NTFS image can cause code execution. A local
7.8HIGH
 CVE-2022-30789
<= 2021.8.22
A crafted NTFS image can cause a heap-based buffer overflow in ntfs_check_log_client_array in NTFS-3G through 2021.8.22.
7.8HIGH
 CVE-2022-30788
<= 2021.8.22
A crafted NTFS image can cause a heap-based buffer overflow in ntfs_mft_rec_alloc in NTFS-3G through 2021.8.22.
7.8HIGH
 CVE-2022-30787
<= 2021.8.22
An integer underflow in fuse_lib_readdir enables arbitrary memory read operations in NTFS-3G through 2021.8.22 when using libfuse-
6.7MEDIUM
 CVE-2022-30786
<= 2021.8.22
A crafted NTFS image can cause a heap-based buffer overflow in ntfs_names_full_collate in NTFS-3G through 2021.8.22.
7.8HIGH
 CVE-2022-30785
<= 2021.8.22
A file handle created in fuse_lib_opendir, and later used in fuse_lib_readdir, enables arbitrary memory read and write operations
6.7MEDIUM
 CVE-2022-30784
<= 2021.8.22
A crafted NTFS image can cause heap exhaustion in ntfs_get_attribute_value in NTFS-3G through 2021.8.22.
7.8HIGH
 CVE-2022-30783
<= 2021.8.22
An invalid return code in fuse_kern_mount enables intercepting of libfuse-lite protocol traffic between NTFS-3G and the kernel in
6.7MEDIUM
 CVE-2021-46790
<= 2021.8.22
ntfsck in NTFS-3G through 2021.8.22 has a heap-based buffer overflow involving buffer+512*3-2. NOTE: the upstream position is that
7.8HIGH
 CVE-2021-39263
< 2021.8.22
A crafted NTFS image can trigger a heap-based buffer overflow, caused by an unsanitized attribute in ntfs_get_attribute_value, in
7.8HIGH
 CVE-2021-39262
< 2021.8.22
A crafted NTFS image can cause an out-of-bounds access in ntfs_decompress in NTFS-3G < 2021.8.22.
7.8HIGH
 CVE-2021-39261
< 2021.8.22
A crafted NTFS image can cause a heap-based buffer overflow in ntfs_compressed_pwrite in NTFS-3G < 2021.8.22.
7.8HIGH
 CVE-2021-39260
< 2021.8.22
A crafted NTFS image can cause an out-of-bounds access in ntfs_inode_sync_standard_information in NTFS-3G < 2021.8.22.
7.8HIGH
 CVE-2021-39259
< 2021.8.22
A crafted NTFS image can trigger an out-of-bounds access, caused by an unsanitized attribute length in ntfs_inode_lookup_by_name,
7.8HIGH
 CVE-2021-39258
< 2021.8.22
A crafted NTFS image can cause out-of-bounds reads in ntfs_attr_find and ntfs_external_attr_find in NTFS-3G < 2021.8.22.
7.8HIGH
 CVE-2021-39257
< 2021.8.22
A crafted NTFS image with an unallocated bitmap can lead to a endless recursive function call chain (starting from ntfs_attr_pwrit
5.5MEDIUM
 CVE-2021-39256
< 2021.8.22
A crafted NTFS image can cause a heap-based buffer overflow in ntfs_inode_lookup_by_name in NTFS-3G < 2021.8.22.
7.8HIGH
 CVE-2021-39255
< 2021.8.22
A crafted NTFS image can trigger an out-of-bounds read, caused by an invalid attribute in ntfs_attr_find_in_attrdef, in NTFS-3G <
7.8HIGH
 CVE-2021-39254
< 2021.8.22
A crafted NTFS image can cause an integer overflow in memmove, leading to a heap-based buffer overflow in the function ntfs_attr_r
7.8HIGH
 CVE-2021-39253
< 2021.8.22
A crafted NTFS image can cause an out-of-bounds read in ntfs_runlists_merge_i in NTFS-3G < 2021.8.22.
7.8HIGH
 CVE-2021-39252
< 2021.8.22
A crafted NTFS image can cause an out-of-bounds read in ntfs_ie_lookup in NTFS-3G < 2021.8.22.
7.8HIGH
 CVE-2021-39251
< 2021.8.22
A crafted NTFS image can cause a NULL pointer dereference in ntfs_extent_inode_open in NTFS-3G < 2021.8.22.
7.8HIGH
 CVE-2021-35267
< 2021.8.22
NTFS-3G versions < 2021.8.22, a stack buffer overflow can occur when correcting differences in the MFT and MFTMirror allowing for
7.8HIGH
 CVE-2021-35266
< 2021.8.22
In NTFS-3G versions < 2021.8.22, when a specially crafted NTFS inode pathname is supplied in an NTFS image a heap buffer overflow
7.8HIGH
 CVE-2021-33287
< 2021.8.22
In NTFS-3G versions < 2021.8.22, when specially crafted NTFS attributes are read in the function ntfs_attr_pread_i, a heap buffer
7.8HIGH
 CVE-2021-33286
< 2021.8.22
In NTFS-3G versions < 2021.8.22, when a specially crafted unicode string is supplied in an NTFS image a heap buffer overflow can o
7.8HIGH
 CVE-2021-35269
< 2021.8.22
NTFS-3G versions < 2021.8.22, when a specially crafted NTFS attribute from the MFT is setup in the function ntfs_attr_setup_flag,
7.8HIGH
 CVE-2021-35268
< 2021.8.22
In NTFS-3G versions < 2021.8.22, when a specially crafted NTFS inode is loaded in the function ntfs_inode_real_open, a heap buffer
7.8HIGH
 CVE-2021-33289
< 2021.8.22
In NTFS-3G versions < 2021.8.22, when a specially crafted MFT section is supplied in an NTFS image a heap buffer overflow can occu
7.8HIGH
 CVE-2021-33285
< 2021.8.22
In NTFS-3G versions < 2021.8.22, when a specially crafted NTFS attribute is supplied to the function ntfs_get_attribute_value, a h
7.8HIGH
 CVE-2019-9755
all versions
An integer underflow issue exists in ntfs-3g 2017.3.23. A local attacker could potentially exploit this by running /bin/ntfs-3g wi
7.0HIGH
 CVE-2017-0358
<= 2016.2.22
Jann Horn of Google Project Zero discovered that NTFS-3G, a read-write NTFS driver for FUSE, does not scrub the environment before
7.8HIGH
 CVE-2007-5159
<= 1.913-1.fc7
The ntfs-3g package before 1.913-2.fc7 in Fedora 7, and an ntfs-3g package in Ubuntu 7.10/Gutsy, assign incorrect permissions (set
Vulnerabilities
CISA KEV catalog
CWE weaknesses
CAPEC attack patterns
Package vulnerabilities
Threat intelligence
Threat actors
Tools & malware
ATT&CK techniques
IOCs
Detection & defense
Sigma rules
YARA rules
Atomic Red Team tests
D3FEND countermeasures
Compliance
NIST 800-53
ISO 27001:2022
SOC 2 TSC
PCI-DSS v4.0
CIS Controls v8.1
About
All capabilities
Live statistics
Data sources
Privacy policy
Terms of service
threatengine.sh  ·  Open-source threat intelligence platform  ·  100+ authoritative sources  ·  Every fact traces to its origin