CVE-2021-39259
Description
A crafted NTFS image can trigger an out-of-bounds access, caused by an unsanitized attribute length in ntfs_inode_lookup_by_name, in NTFS-3G < 2021.8.22.
Risk Information
Base Score
7.8
MODERATE
Vector
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
EPSS Score
Exploitation Probability
0.114
Associated Vulnerability
| Vulnerability | OS Platform |
|---|---|
| ntfs-3g security update(DSA-4971-1) ntfs-3g_2017.3.23AR.3-3+deb10u1_i386.deb | Linux |
| ntfs-3g security update(DSA-4971-1) ntfs-3g_2017.3.23AR.3-3+deb10u1_amd64.deb | Linux |
| (RHSA-2022:1759) virt:rhel and virt-devel:rhel security, bug fix, and enhancement update hivex-debugsource-1.3.18-23.module+el8.6.0+14480+c0a3aa0f.x86_64.rpm | Linux |
| (RHSA-2022:1759) virt:rhel and virt-devel:rhel security, bug fix, and enhancement update hivex-devel-1.3.18-23.module+el8.6.0+14480+c0a3aa0f.x86_64.rpm | Linux |
| (RHSA-2022:1759) virt:rhel and virt-devel:rhel security, bug fix, and enhancement update libguestfs-appliance-1.44.0-5.module+el8.6.0+14480+c0a3aa0f.x86_64.rpm | Linux |
| (RHSA-2022:1759) virt:rhel and virt-devel:rhel security, bug fix, and enhancement update libguestfs-bash-completion-1.44.0-5.module+el8.6.0+14480+c0a3aa0f.noarch.rpm | Linux |
| (RHSA-2022:1759) virt:rhel and virt-devel:rhel security, bug fix, and enhancement update libguestfs-debugsource-1.44.0-5.module+el8.6.0+14480+c0a3aa0f.x86_64.rpm | Linux |
| (RHSA-2022:1759) virt:rhel and virt-devel:rhel security, bug fix, and enhancement update libguestfs-devel-1.44.0-5.module+el8.6.0+14480+c0a3aa0f.x86_64.rpm | Linux |
| (RHSA-2022:1759) virt:rhel and virt-devel:rhel security, bug fix, and enhancement update libguestfs-gfs2-1.44.0-5.module+el8.6.0+14480+c0a3aa0f.x86_64.rpm | Linux |
| (RHSA-2022:1759) virt:rhel and virt-devel:rhel security, bug fix, and enhancement update libguestfs-gobject-1.44.0-5.module+el8.6.0+14480+c0a3aa0f.x86_64.rpm | Linux |
| (RHSA-2022:1759) virt:rhel and virt-devel:rhel security, bug fix, and enhancement update libguestfs-gobject-devel-1.44.0-5.module+el8.6.0+14480+c0a3aa0f.x86_64.rpm | Linux |
| (RHSA-2022:1759) virt:rhel and virt-devel:rhel security, bug fix, and enhancement update libguestfs-inspect-icons-1.44.0-5.module+el8.6.0+14480+c0a3aa0f.noarch.rpm | Linux |
| (RHSA-2022:1759) virt:rhel and virt-devel:rhel security, bug fix, and enhancement update libguestfs-java-1.44.0-5.module+el8.6.0+14480+c0a3aa0f.x86_64.rpm | Linux |
| (RHSA-2022:1759) virt:rhel and virt-devel:rhel security, bug fix, and enhancement update libguestfs-java-devel-1.44.0-5.module+el8.6.0+14480+c0a3aa0f.x86_64.rpm | Linux |
| (RHSA-2022:1759) virt:rhel and virt-devel:rhel security, bug fix, and enhancement update libguestfs-javadoc-1.44.0-5.module+el8.6.0+14480+c0a3aa0f.noarch.rpm | Linux |
| (RHSA-2022:1759) virt:rhel and virt-devel:rhel security, bug fix, and enhancement update libguestfs-man-pages-ja-1.44.0-5.module+el8.6.0+14480+c0a3aa0f.noarch.rpm | Linux |
| (RHSA-2022:1759) virt:rhel and virt-devel:rhel security, bug fix, and enhancement update libguestfs-man-pages-uk-1.44.0-5.module+el8.6.0+14480+c0a3aa0f.noarch.rpm | Linux |
| (RHSA-2022:1759) virt:rhel and virt-devel:rhel security, bug fix, and enhancement update libguestfs-rescue-1.44.0-5.module+el8.6.0+14480+c0a3aa0f.x86_64.rpm | Linux |
| (RHSA-2022:1759) virt:rhel and virt-devel:rhel security, bug fix, and enhancement update libguestfs-rsync-1.44.0-5.module+el8.6.0+14480+c0a3aa0f.x86_64.rpm | Linux |
| (RHSA-2022:1759) virt:rhel and virt-devel:rhel security, bug fix, and enhancement update libguestfs-tools-1.44.0-5.module+el8.6.0+14480+c0a3aa0f.noarch.rpm | Linux |
| (RHSA-2022:1759) virt:rhel and virt-devel:rhel security, bug fix, and enhancement update libguestfs-tools-c-1.44.0-5.module+el8.6.0+14480+c0a3aa0f.x86_64.rpm | Linux |
| (RHSA-2022:1759) virt:rhel and virt-devel:rhel security, bug fix, and enhancement update libguestfs-winsupport-8.6-1.module+el8.6.0+14480+c0a3aa0f.x86_64.rpm | Linux |
| (RHSA-2022:1759) virt:rhel and virt-devel:rhel security, bug fix, and enhancement update libguestfs-xfs-1.44.0-5.module+el8.6.0+14480+c0a3aa0f.x86_64.rpm | Linux |
| (RHSA-2022:1759) virt:rhel and virt-devel:rhel security, bug fix, and enhancement update libiscsi-debugsource-1.18.0-8.module+el8.6.0+14480+c0a3aa0f.x86_64.rpm | Linux |
| (RHSA-2022:1759) virt:rhel and virt-devel:rhel security, bug fix, and enhancement update libiscsi-devel-1.18.0-8.module+el8.6.0+14480+c0a3aa0f.x86_64.rpm | Linux |
| (RHSA-2022:1759) virt:rhel and virt-devel:rhel security, bug fix, and enhancement update libiscsi-utils-1.18.0-8.module+el8.6.0+14480+c0a3aa0f.x86_64.rpm | Linux |
| (RHSA-2022:1759) virt:rhel and virt-devel:rhel security, bug fix, and enhancement update libnbd-1.6.0-5.module+el8.6.0+14480+c0a3aa0f.x86_64.rpm | Linux |
| (RHSA-2022:1759) virt:rhel and virt-devel:rhel security, bug fix, and enhancement update libnbd-bash-completion-1.6.0-5.module+el8.6.0+14480+c0a3aa0f.noarch.rpm | Linux |
| (RHSA-2022:1759) virt:rhel and virt-devel:rhel security, bug fix, and enhancement update libnbd-debugsource-1.6.0-5.module+el8.6.0+14480+c0a3aa0f.x86_64.rpm | Linux |
| (RHSA-2022:1759) virt:rhel and virt-devel:rhel security, bug fix, and enhancement update libnbd-devel-1.6.0-5.module+el8.6.0+14480+c0a3aa0f.x86_64.rpm | Linux |
| (RHSA-2022:1759) virt:rhel and virt-devel:rhel security, bug fix, and enhancement update libtpms-0.9.1-0.20211126git1ff6fe1f43.module+el8.6.0+14480+c0a3aa0f.x86_64.rpm | Linux |
| (RHSA-2022:1759) virt:rhel and virt-devel:rhel security, bug fix, and enhancement update libtpms-debugsource-0.9.1-0.20211126git1ff6fe1f43.module+el8.6.0+14480+c0a3aa0f.x86_64.rpm | Linux |
| (RHSA-2022:1759) virt:rhel and virt-devel:rhel security, bug fix, and enhancement update libtpms-devel-0.9.1-0.20211126git1ff6fe1f43.module+el8.6.0+14480+c0a3aa0f.x86_64.rpm | Linux |
| (RHSA-2022:1759) virt:rhel and virt-devel:rhel security, bug fix, and enhancement update libvirt-dbus-debugsource-1.3.0-2.module+el8.6.0+14480+c0a3aa0f.x86_64.rpm | Linux |
| (RHSA-2022:1759) virt:rhel and virt-devel:rhel security, bug fix, and enhancement update libvirt-debugsource-8.0.0-5.module+el8.6.0+14480+c0a3aa0f.x86_64.rpm | Linux |
| (RHSA-2022:1759) virt:rhel and virt-devel:rhel security, bug fix, and enhancement update libvirt-docs-8.0.0-5.module+el8.6.0+14480+c0a3aa0f.x86_64.rpm | Linux |
| (RHSA-2022:1759) virt:rhel and virt-devel:rhel security, bug fix, and enhancement update libvirt-lock-sanlock-8.0.0-5.module+el8.6.0+14480+c0a3aa0f.x86_64.rpm | Linux |
| (RHSA-2022:1759) virt:rhel and virt-devel:rhel security, bug fix, and enhancement update libvirt-nss-8.0.0-5.module+el8.6.0+14480+c0a3aa0f.x86_64.rpm | Linux |
| (RHSA-2022:1759) virt:rhel and virt-devel:rhel security, bug fix, and enhancement update libvirt-python-debugsource-8.0.0-1.module+el8.6.0+14480+c0a3aa0f.x86_64.rpm | Linux |
| (RHSA-2022:1759) virt:rhel and virt-devel:rhel security, bug fix, and enhancement update libvirt-wireshark-8.0.0-5.module+el8.6.0+14480+c0a3aa0f.x86_64.rpm | Linux |
| (RHSA-2022:1759) virt:rhel and virt-devel:rhel security, bug fix, and enhancement update lua-guestfs-1.44.0-5.module+el8.6.0+14480+c0a3aa0f.x86_64.rpm | Linux |
| (RHSA-2022:1759) virt:rhel and virt-devel:rhel security, bug fix, and enhancement update nbdfuse-1.6.0-5.module+el8.6.0+14480+c0a3aa0f.x86_64.rpm | Linux |
| (RHSA-2022:1759) virt:rhel and virt-devel:rhel security, bug fix, and enhancement update nbdkit-1.24.0-4.module+el8.6.0+14480+c0a3aa0f.x86_64.rpm | Linux |
| (RHSA-2022:1759) virt:rhel and virt-devel:rhel security, bug fix, and enhancement update nbdkit-bash-completion-1.24.0-4.module+el8.6.0+14480+c0a3aa0f.noarch.rpm | Linux |
| (RHSA-2022:1759) virt:rhel and virt-devel:rhel security, bug fix, and enhancement update nbdkit-basic-filters-1.24.0-4.module+el8.6.0+14480+c0a3aa0f.x86_64.rpm | Linux |
| (RHSA-2022:1759) virt:rhel and virt-devel:rhel security, bug fix, and enhancement update nbdkit-basic-plugins-1.24.0-4.module+el8.6.0+14480+c0a3aa0f.x86_64.rpm | Linux |
| (RHSA-2022:1759) virt:rhel and virt-devel:rhel security, bug fix, and enhancement update nbdkit-curl-plugin-1.24.0-4.module+el8.6.0+14480+c0a3aa0f.x86_64.rpm | Linux |
| (RHSA-2022:1759) virt:rhel and virt-devel:rhel security, bug fix, and enhancement update nbdkit-debugsource-1.24.0-4.module+el8.6.0+14480+c0a3aa0f.x86_64.rpm | Linux |
| (RHSA-2022:1759) virt:rhel and virt-devel:rhel security, bug fix, and enhancement update nbdkit-devel-1.24.0-4.module+el8.6.0+14480+c0a3aa0f.x86_64.rpm | Linux |
| (RHSA-2022:1759) virt:rhel and virt-devel:rhel security, bug fix, and enhancement update nbdkit-example-plugins-1.24.0-4.module+el8.6.0+14480+c0a3aa0f.x86_64.rpm | Linux |
| (RHSA-2022:1759) virt:rhel and virt-devel:rhel security, bug fix, and enhancement update nbdkit-gzip-filter-1.24.0-4.module+el8.6.0+14480+c0a3aa0f.x86_64.rpm | Linux |
| (RHSA-2022:1759) virt:rhel and virt-devel:rhel security, bug fix, and enhancement update nbdkit-gzip-plugin-1.24.0-4.module+el8.6.0+14480+c0a3aa0f.x86_64.rpm | Linux |
| (RHSA-2022:1759) virt:rhel and virt-devel:rhel security, bug fix, and enhancement update nbdkit-linuxdisk-plugin-1.24.0-4.module+el8.6.0+14480+c0a3aa0f.x86_64.rpm | Linux |
| (RHSA-2022:1759) virt:rhel and virt-devel:rhel security, bug fix, and enhancement update nbdkit-nbd-plugin-1.24.0-4.module+el8.6.0+14480+c0a3aa0f.x86_64.rpm | Linux |
| (RHSA-2022:1759) virt:rhel and virt-devel:rhel security, bug fix, and enhancement update nbdkit-python-plugin-1.24.0-4.module+el8.6.0+14480+c0a3aa0f.x86_64.rpm | Linux |
| (RHSA-2022:1759) virt:rhel and virt-devel:rhel security, bug fix, and enhancement update nbdkit-server-1.24.0-4.module+el8.6.0+14480+c0a3aa0f.x86_64.rpm | Linux |
| (RHSA-2022:1759) virt:rhel and virt-devel:rhel security, bug fix, and enhancement update nbdkit-ssh-plugin-1.24.0-4.module+el8.6.0+14480+c0a3aa0f.x86_64.rpm | Linux |
| (RHSA-2022:1759) virt:rhel and virt-devel:rhel security, bug fix, and enhancement update nbdkit-tar-filter-1.24.0-4.module+el8.6.0+14480+c0a3aa0f.x86_64.rpm | Linux |
| (RHSA-2022:1759) virt:rhel and virt-devel:rhel security, bug fix, and enhancement update nbdkit-tar-plugin-1.24.0-4.module+el8.6.0+14480+c0a3aa0f.x86_64.rpm | Linux |
| (RHSA-2022:1759) virt:rhel and virt-devel:rhel security, bug fix, and enhancement update nbdkit-tmpdisk-plugin-1.24.0-4.module+el8.6.0+14480+c0a3aa0f.x86_64.rpm | Linux |
| (RHSA-2022:1759) virt:rhel and virt-devel:rhel security, bug fix, and enhancement update nbdkit-vddk-plugin-1.24.0-4.module+el8.6.0+14480+c0a3aa0f.x86_64.rpm | Linux |
| (RHSA-2022:1759) virt:rhel and virt-devel:rhel security, bug fix, and enhancement update nbdkit-xz-filter-1.24.0-4.module+el8.6.0+14480+c0a3aa0f.x86_64.rpm | Linux |
| (RHSA-2022:1759) virt:rhel and virt-devel:rhel security, bug fix, and enhancement update netcf-0.2.8-12.module+el8.6.0+14480+c0a3aa0f.x86_64.rpm | Linux |
| (RHSA-2022:1759) virt:rhel and virt-devel:rhel security, bug fix, and enhancement update netcf-debugsource-0.2.8-12.module+el8.6.0+14480+c0a3aa0f.x86_64.rpm | Linux |
| (RHSA-2022:1759) virt:rhel and virt-devel:rhel security, bug fix, and enhancement update netcf-devel-0.2.8-12.module+el8.6.0+14480+c0a3aa0f.x86_64.rpm | Linux |
| (RHSA-2022:1759) virt:rhel and virt-devel:rhel security, bug fix, and enhancement update perl-Sys-Virt-debugsource-8.0.0-1.module+el8.6.0+14480+c0a3aa0f.x86_64.rpm | Linux |
| (RHSA-2022:1759) virt:rhel and virt-devel:rhel security, bug fix, and enhancement update python3-hivex-1.3.18-23.module+el8.6.0+14480+c0a3aa0f.x86_64.rpm | Linux |
| (RHSA-2022:1759) virt:rhel and virt-devel:rhel security, bug fix, and enhancement update python3-libguestfs-1.44.0-5.module+el8.6.0+14480+c0a3aa0f.x86_64.rpm | Linux |
| (RHSA-2022:1759) virt:rhel and virt-devel:rhel security, bug fix, and enhancement update python3-libnbd-1.6.0-5.module+el8.6.0+14480+c0a3aa0f.x86_64.rpm | Linux |
| (RHSA-2022:1759) virt:rhel and virt-devel:rhel security, bug fix, and enhancement update qemu-kvm-debugsource-6.2.0-11.module+el8.6.0+14707+5aa4b42d.x86_64.rpm | Linux |
| (RHSA-2022:1759) virt:rhel and virt-devel:rhel security, bug fix, and enhancement update qemu-kvm-docs-6.2.0-11.module+el8.6.0+14707+5aa4b42d.x86_64.rpm | Linux |
| (RHSA-2022:1759) virt:rhel and virt-devel:rhel security, bug fix, and enhancement update qemu-kvm-hw-usbredir-6.2.0-11.module+el8.6.0+14707+5aa4b42d.x86_64.rpm | Linux |
| (RHSA-2022:1759) virt:rhel and virt-devel:rhel security, bug fix, and enhancement update qemu-kvm-ui-opengl-6.2.0-11.module+el8.6.0+14707+5aa4b42d.x86_64.rpm | Linux |
| (RHSA-2022:1759) virt:rhel and virt-devel:rhel security, bug fix, and enhancement update qemu-kvm-ui-spice-6.2.0-11.module+el8.6.0+14707+5aa4b42d.x86_64.rpm | Linux |
| (RHSA-2022:1759) virt:rhel and virt-devel:rhel security, bug fix, and enhancement update ruby-hivex-1.3.18-23.module+el8.6.0+14480+c0a3aa0f.x86_64.rpm | Linux |
| (RHSA-2022:1759) virt:rhel and virt-devel:rhel security, bug fix, and enhancement update ruby-libguestfs-1.44.0-5.module+el8.6.0+14480+c0a3aa0f.x86_64.rpm | Linux |
| (RHSA-2022:1759) virt:rhel and virt-devel:rhel security, bug fix, and enhancement update sgabios-0.20170427git-3.module+el8.6.0+14480+c0a3aa0f.x86_64.rpm | Linux |
| (RHSA-2022:1759) virt:rhel and virt-devel:rhel security, bug fix, and enhancement update supermin-debugsource-5.2.1-1.module+el8.6.0+14480+c0a3aa0f.x86_64.rpm | Linux |
| (RHSA-2022:1759) virt:rhel and virt-devel:rhel security, bug fix, and enhancement update supermin-devel-5.2.1-1.module+el8.6.0+14480+c0a3aa0f.x86_64.rpm | Linux |
| (RHSA-2022:1759) virt:rhel and virt-devel:rhel security, bug fix, and enhancement update swtpm-0.7.0-1.20211109gitb79fd91.module+el8.6.0+14480+c0a3aa0f.x86_64.rpm | Linux |
| (RHSA-2022:1759) virt:rhel and virt-devel:rhel security, bug fix, and enhancement update swtpm-debugsource-0.7.0-1.20211109gitb79fd91.module+el8.6.0+14480+c0a3aa0f.x86_64.rpm | Linux |
| (RHSA-2022:1759) virt:rhel and virt-devel:rhel security, bug fix, and enhancement update swtpm-devel-0.7.0-1.20211109gitb79fd91.module+el8.6.0+14480+c0a3aa0f.x86_64.rpm | Linux |
| (RHSA-2022:1759) virt:rhel and virt-devel:rhel security, bug fix, and enhancement update swtpm-libs-0.7.0-1.20211109gitb79fd91.module+el8.6.0+14480+c0a3aa0f.x86_64.rpm | Linux |
| (RHSA-2022:1759) virt:rhel and virt-devel:rhel security, bug fix, and enhancement update swtpm-tools-0.7.0-1.20211109gitb79fd91.module+el8.6.0+14480+c0a3aa0f.x86_64.rpm | Linux |
| (RHSA-2022:1759) virt:rhel and virt-devel:rhel security, bug fix, and enhancement update swtpm-tools-pkcs11-0.7.0-1.20211109gitb79fd91.module+el8.6.0+14480+c0a3aa0f.x86_64.rpm | Linux |
| (RHSA-2022:1759) virt:rhel and virt-devel:rhel security, bug fix, and enhancement update virt-dib-1.44.0-5.module+el8.6.0+14480+c0a3aa0f.x86_64.rpm | Linux |
| (RHSA-2022:1759) virt:rhel and virt-devel:rhel security, bug fix, and enhancement update virt-v2v-1.42.0-18.module+el8.6.0+14480+c0a3aa0f.x86_64.rpm | Linux |
| (RHSA-2022:1759) virt:rhel and virt-devel:rhel security, bug fix, and enhancement update virt-v2v-bash-completion-1.42.0-18.module+el8.6.0+14480+c0a3aa0f.noarch.rpm | Linux |
| (RHSA-2022:1759) virt:rhel and virt-devel:rhel security, bug fix, and enhancement update virt-v2v-debugsource-1.42.0-18.module+el8.6.0+14480+c0a3aa0f.x86_64.rpm | Linux |
| (RHSA-2022:1759) virt:rhel and virt-devel:rhel security, bug fix, and enhancement update virt-v2v-man-pages-ja-1.42.0-18.module+el8.6.0+14480+c0a3aa0f.noarch.rpm | Linux |
| (RHSA-2022:1759) virt:rhel and virt-devel:rhel security, bug fix, and enhancement update virt-v2v-man-pages-uk-1.42.0-18.module+el8.6.0+14480+c0a3aa0f.noarch.rpm | Linux |
Patch Details
No records foundReferences
https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234