Lucene search
PRIOn knowledge basePRION:CVE-2021-39254HistorySep 07, 2021 - 3:15 p.m.
Integer overflow
2021-09-0715:15:00
PRIOn knowledge base
www.prio-n.com
6
A crafted NTFS image can cause an integer overflow in memmove, leading to a heap-based buffer overflow in the function ntfs_attr_record_resize, in NTFS-3G < 2021.8.22.
| CPE | Name | Operator | Version |
|---|---|---|---|
| debian_linux | eq | 9.0 | |
| debian_linux | eq | 10.0 | |
| debian_linux | eq | 11.0 | |
| fedora | eq | 33 | |
| fedora | eq | 35 | |
| ntfs-3g | lt | 2021.8.22 |
References
github.com/tuxera/ntfs-3g/releases
github.com/tuxera/ntfs-3g/security/advisories/GHSA-q759-8j5v-q5jp
lists.debian.org/debian-lts-announce/2021/11/msg00013.html
lists.fedoraproject.org/archives/list/[email protected]/message/766ISTT3KCARKFUIQT7N6WV6T63XOKG3/
lists.fedoraproject.org/archives/list/[email protected]/message/HSEKTKHO5HFZHWZNJNBJZA56472KRUZI/
security.gentoo.org/glsa/202301-01
www.debian.org/security/2021/dsa-4971
Related
ubuntucve
ubuntucve
CVE-2021-39254
2021-09-07 00:00:00
cvelist
cvelist
CVE-2021-39254
2021-09-07 00:00:00
redhatcve
redhatcve
CVE-2021-39254
2021-09-06 17:22:41
cnvd
cnvd
Tuxera NTFS-3G integer overflow vulnerability
2021-09-08 00:00:00
cbl_mariner
cbl_mariner
CVE-2021-39254 affecting package ntfs-3g for versions less than 2021.8.22-1
2022-04-26 19:57:41
alpinelinux
alpinelinux
CVE-2021-39254
2021-09-07 15:15:00
debiancve
debiancve
CVE-2021-39254
2021-09-07 15:15:07
veracode
veracode
Denial Of Service (DoS)
2021-09-08 15:35:44
nvd
nvd
CVE-2021-39254
2021-09-07 15:15:07
cve
cve
CVE-2021-39254
2021-09-07 15:15:07
fedora
fedora
[SECURITY] Fedora 35 Update: ntfs-3g-2021.8.22-2.fc35
2021-09-24 20:50:50
[SECURITY] Fedora 33 Update: ntfs-3g-2021.8.22-2.fc33
2021-09-23 19:30:16
openvas
openvas
Fedora: Security Advisory for ntfs-3g (FEDORA-2021-e7c8ba6301)
2021-09-24 00:00:00
Fedora: Security Advisory for ntfs-3g (FEDORA-2021-5b1dac797b)
2021-10-02 00:00:00
Huawei EulerOS: Security Advisory for ntfs-3g (EulerOS-SA-2021-2807)
2021-12-26 00:00:00
nessus
nessus
EulerOS 2.0 SP8 : ntfs-3g (EulerOS-SA-2021-2807)
2021-12-25 00:00:00
Slackware Linux 14.2 / current ntfs-3g Multiple Vulnerabilities (SSA:2021-243-01)
2021-09-02 00:00:00
Debian DSA-4971-1 : ntfs-3g - security update
2021-09-09 00:00:00
debian
debian
[SECURITY] [DLA 2819-1] ntfs-3g security update
2021-11-16 22:56:32
[SECURITY] [DSA 4971-1] ntfs-3g security update
2021-09-09 19:15:24
[SECURITY] [DSA 4971-1] ntfs-3g security update
2021-09-09 19:15:24
osv
osv
altlinux
altlinux
Security fix for the ALT Linux 9 package ntfs-3g version 2:2021.8.22-alt1
2021-09-10 00:00:00
slackware
slackware
[slackware-security] ntfs-3g
2021-08-31 21:01:05
mageia
mageia
Updated ntfs-3g packages fix security vulnerability
2022-01-03 10:36:40
redhat
redhat
(RHSA-2021:3704) Moderate: virt:8.2 and virt-devel:8.2 security update
2021-09-30 18:28:50
almalinux
almalinux
gentoo
gentoo
NTFS-3G: Multiple Vulnerabilities
2023-01-11 00:00:00
rocky
rocky
virt:rhel and virt-devel:rhel security, bug fix, and enhancement update
2022-05-10 07:59:57
oraclelinux
oraclelinux
virt:ol and virt-devel:ol security, bug fix, and enhancement update
2022-05-17 00:00:00