Univention Bugzilla – Bug 54857
ntfs-3g: Multiple issues (5.0)
Last modified: 2022-06-15 16:19:16 CEST
New Debian ntfs-3g 1:2017.3.23AR.3-3+deb10u2 fixes: This update addresses the following issues: * heap-based buffer overflow in ntfsck (CVE-2021-46790) * invalid return code in fuse_kern_mount enables intercepting of libfuse-lite protocol traffic (CVE-2022-30783) * crafted NTFS image can cause heap exhaustion in ntfs_get_attribute_value (CVE-2022-30784) * a file handle created in fuse_lib_opendir, and later used in fuse_lib_readdir, enables arbitrary memory read and write operations (CVE-2022-30785) * crafted NTFS image can cause a heap-based buffer overflow in ntfs_names_full_collate (CVE-2022-30786) * integer underflow in fuse_lib_readdir enables arbitrary memory read operations (CVE-2022-30787) * crafted NTFS image can cause a heap-based buffer overflow in ntfs_mft_rec_alloc (CVE-2022-30788) * crafted NTFS image can cause a heap-based buffer overflow in ntfs_check_log_client_array (CVE-2022-30789)
--- mirror/ftp/pool/main/n/ntfs-3g/ntfs-3g_2017.3.23AR.3-3+deb10u1.dsc +++ apt/ucs_5.0-0-errata5.0-1/source/ntfs-3g_2017.3.23AR.3-3+deb10u2.dsc @@ -1,3 +1,24 @@ +1:2017.3.23AR.3-3+deb10u2 [Thu, 09 Jun 2022 14:43:42 +0200] Salvatore Bonaccorso <carnil@debian.org>: + + * Non-maintainer upload by the Security Team. + * Fix multiple issues (Closes: #1011770) + - Used a default usn when the former one cannot be retrieved + (CVE-2022-30788) + - Made sure there is no null character in an attribute name + (CVE-2022-30786) + - Avoided allocating and reading an attribute beyond its full size + (CVE-2022-30784) + - Made sure the client log data does not overflow from restart page + (CVE-2022-30789) + - Made sure there is no null character in an attribute name (bis) + (CVE-2022-30786) + - Fixed possible out-of-buffer condition in ntfsck (CVE-2021-46790) + - Fixed operation on little endian data (CVE-2022-30788) + - Returned an error code when the --help or --version options are + used (CVE-2022-30783) + - Hardened the checking of directory offset requested by a readdir + (CVE-2022-30785, CVE-2022-30787) + 1:2017.3.23AR.3-3+deb10u1 [Sun, 05 Sep 2021 14:53:02 +0200] Salvatore Bonaccorso <carnil@debian.org>: * Non-maintainer upload by the Security Team. <http://piuparts.knut.univention.de/5.0-1/#4912380165344699772>
OK: yaml OK: announce_errata OK: patch OK: piuparts [5.0-1] 50e7f03341 Bug #54857: ntfs-3g 1:2017.3.23AR.3-3+deb10u2 doc/errata/staging/ntfs-3g.yaml | 34 ++++++++++++++++++++++++++++++++++ 1 file changed, 34 insertions(+)
<https://errata.software-univention.de/#/?erratum=5.0x337>