A crafted NTFS image can trigger an out-of-bounds access, caused by an unsanitized attribute length in ntfs_inode_lookup_by_name, in NTFS-3G < 2021.8.22.

References

github.com/tuxera/ntfs-3g/releases

github.com/tuxera/ntfs-3g/security/advisories/GHSA-q759-8j5v-q5jp

lists.debian.org/debian-lts-announce/2021/11/msg00013.html

security.gentoo.org/glsa/202301-01

www.debian.org/security/2021/dsa-4971

cbl_mariner 1

debiancve 1

cnvd 1

alpinelinux 1

veracode 1

prion 1

cve 1

ubuntucve 1

redhatcve 1

nvd 1

osv 24

nessus 16

openvas 6

suse 2

mageia 1

debian 3

altlinux 1

slackware 1

redhat 3

almalinux 1

gentoo 1

oraclelinux 1

rocky 1

cbl_mariner

CVE-2021-39259 affecting package ntfs-3g for versions less than 2021.8.22-1

2022-04-26 19:57:41

debiancve

CVE-2021-39259

2021-09-07 15:15:08

cnvd

Tuxera NTFS-3G Buffer Overflow Vulnerability (CNVD-2021-72275)

2021-09-07 00:00:00

alpinelinux

CVE-2021-39259

2021-09-07 15:15:00

veracode

Denial Of Service

2021-09-08 15:35:49

prion

Out-of-bounds

2021-09-07 15:15:00

cve

CVE-2021-39259

2021-09-07 15:15:08

ubuntucve

CVE-2021-39259

2021-09-07 00:00:00

redhatcve

CVE-2021-39259

2021-09-06 18:04:18

nvd

CVE-2021-39259

2021-09-07 15:15:08

osv

ntfs-3g - security update

2021-09-09 00:00:00

CVE-2021-39262

2021-09-07 15:15:08

CVE-2021-39253

2021-09-07 15:15:07

nessus

openSUSE 15 Security Update : ntfs-3g_ntfsprogs (openSUSE-SU-2021:1244-1)

2021-09-10 00:00:00

SUSE SLED12 / SLES12 Security Update : ntfs-3g_ntfsprogs (SUSE-SU-2021:2965-1)

2021-09-08 00:00:00

openSUSE 15 Security Update : ntfs-3g_ntfsprogs (openSUSE-SU-2021:2971-1)

2021-09-08 00:00:00

openvas

openSUSE: Security Advisory for ntfs-3g_ntfsprogs (openSUSE-SU-2021:2971-1)

2021-09-08 00:00:00

Debian: Security Advisory (DSA-4971-1)

2021-09-10 00:00:00

Debian: Security Advisory (DLA-2819-1)

2021-11-18 00:00:00

suse

Security update for ntfs-3g_ntfsprogs (important)

2021-09-09 00:00:00

Security update for ntfs-3g_ntfsprogs (important)

2021-09-07 00:00:00

mageia

Updated ntfs-3g packages fix security vulnerability

2022-01-03 10:36:40

debian

[SECURITY] [DLA 2819-1] ntfs-3g security update

2021-11-16 22:56:32

[SECURITY] [DSA 4971-1] ntfs-3g security update

2021-09-09 19:15:24

[SECURITY] [DSA 4971-1] ntfs-3g security update

2021-09-09 19:15:24

altlinux

Security fix for the ALT Linux 9 package ntfs-3g version 2:2021.8.22-alt1

2021-09-10 00:00:00

slackware

[slackware-security] ntfs-3g

2021-08-31 21:01:05

redhat

(RHSA-2021:3703) Moderate: virt:av and virt-devel:av security and bug fix update

2021-09-30 16:19:56

(RHSA-2021:3704) Moderate: virt:8.2 and virt-devel:8.2 security update

2021-09-30 18:28:50

(RHSA-2022:1759) Moderate: virt:rhel and virt-devel:rhel security, bug fix, and enhancement update

2022-05-10 07:59:57

almalinux

Moderate: virt:rhel and virt-devel:rhel security, bug fix, and enhancement update

2022-05-10 07:59:57

gentoo

NTFS-3G: Multiple Vulnerabilities

2023-01-11 00:00:00

oraclelinux

virt:ol and virt-devel:ol security, bug fix, and enhancement update

2022-05-17 00:00:00

rocky

virt:rhel and virt-devel:rhel security, bug fix, and enhancement update

2022-05-10 07:59:57

Solutions

Vulnerabilities intelligence
Perimeter control tool
Linux scanner
Windows scanner
Developers SDK
Security Intelligence feeds

Database

Vulnerabilities
Exploits
Security News
BugBounty
Wild Exploited
Top Vulnerabilities
CVE Feed

Resources

Statics & Sources
Plugins
API docs
FAQ
Blog
Glossary

Company

About
Contacts
Pricing
EULA
Privacy Policy
Submission Policy
OpenSource

@2024 Vulners Inc

7.8 High

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

14.2%

JSON

Related for CVELIST:CVE-2021-39259