CVE-2022-40284
published 2022-11-06CVE-2022-40284: A buffer overflow was discovered in NTFS-3G before 2022.10.3. Crafted metadata in an NTFS image can cause code execution. A local attacker can exploit this if…
PriorityP344high7.8CVSS 3.1
AVLACLPRLUINSUCHIHAH
EPSS
0.35%
26.6th percentile
A buffer overflow was discovered in NTFS-3G before 2022.10.3. Crafted metadata in an NTFS image can cause code execution. A local attacker can exploit this if the ntfs-3g binary is setuid root. A physically proximate attacker can exploit this if NTFS-3G software is configured to execute upon attachment of an external storage device.
Affected
11 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | debian_linux | — | — |
| debian | ntfs-3g | < ntfs-3g 1:2022.10.3-1 (bookworm) | ntfs-3g 1:2022.10.3-1 (bookworm) |
| fedoraproject | fedora | — | — |
| fedoraproject | fedora | — | — |
| fedoraproject | fedora | — | — |
| msrc | cbl2_ntfs-3g_2022.10.3-1_on_cbl_mariner_2.0 | — | — |
| tuxera | ntfs-3g | < 2022.10.3 | 2022.10.3 |
| tuxera | ntfs-3g | >= 0 < 1:2017.3.23AR.3-4+deb11u3 | 1:2017.3.23AR.3-4+deb11u3 |
| tuxera | ntfs-3g | >= 0 < 1:2022.10.3-1 | 1:2022.10.3-1 |
| tuxera | ntfs-3g | >= 0 < 1:2022.10.3-1 | 1:2022.10.3-1 |
| tuxera | ntfs-3g | >= 0 < 1:2022.10.3-1 | 1:2022.10.3-1 |
CVSS provenance
nvdv3.17.8HIGHCVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
osv7.8HIGH
vendor_debian7.8HIGH
vendor_msrc7.8HIGH
vendor_redhat7.8HIGH
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
Microsoft
A buffer overflow was discovered in NTFS-3G before 2022.10.3. Crafted metadata in an NTFS image can cause code execution. A local attacker can exploit this if the ntfs-3g binary is setuid root. A phys
vendor_msrc·2022-11-08·CVSS 7.8
CVE-2022-40284 [HIGH] CWE-120 A buffer overflow was discovered in NTFS-3G before 2022.10.3. Crafted metadata in an NTFS image can cause code execution. A local attacker can exploit this if the ntfs-3g binary is setuid root. A phys
A buffer overflow was discovered in NTFS-3G before 2022.10.3. Crafted metadata in an NTFS image can cause code execution. A local attacker can exploit this if the ntfs-3g binary is setuid root. A physically proximate attacker can exploit this if NTFS-3G software is configured to execute upon attachment of an external storage device.
FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability?
One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is composed. Microsoft is committed to transparency in this work which is why we began publishing
Ubuntu
NTFS-3G vulnerability
vendor_ubuntu·2022-11-03
CVE-2022-40284 NTFS-3G vulnerability
Title: NTFS-3G vulnerability
Summary: NTFS-3G could be made to crash or run programs as an administrator
if it mounted a specially crafted disk.
USN-5711-1 fixed a vulnerability in NTFS-3G. This update provides
the corresponding update for Ubuntu 14.04 ESM Ubuntu 16.04 ESM.
Original advisory details:
Yuchen Zeng and Eduardo Vela discovered that NTFS-3G incorrectly validated
certain NTFS metadata. A local attacker could possibly use this issue to
gain privileges.
Instructions: In general, a standard system update will make all the necessary changes.
Ubuntu
NTFS-3G vulnerability
vendor_ubuntu·2022-11-02
CVE-2022-40284 NTFS-3G vulnerability
Title: NTFS-3G vulnerability
Summary: NTFS-3G could be made to crash or run programs as an administrator
if it mounted a specially crafted disk.
Yuchen Zeng and Eduardo Vela discovered that NTFS-3G incorrectly validated
certain NTFS metadata. A local attacker could possibly use this issue to
gain privileges.
Instructions: In general, a standard system update will make all the necessary changes.
Red Hat
NTFS-3G: buffer overflow issue in NTFS-3G can cause code execution via crafted metadata in an NTFS image
vendor_redhat·2022-10-31·CVSS 7.8
CVE-2022-40284 [HIGH] CWE-119 NTFS-3G: buffer overflow issue in NTFS-3G can cause code execution via crafted metadata in an NTFS image
NTFS-3G: buffer overflow issue in NTFS-3G can cause code execution via crafted metadata in an NTFS image
A buffer overflow was discovered in NTFS-3G before 2022.10.3. Crafted metadata in an NTFS image can cause code execution. A local attacker can exploit this if the ntfs-3g binary is setuid root. A physically proximate attacker can exploit this if NTFS-3G software is configured to execute upon attachment of an external storage device.
A buffer overflow flaw was found in NTFS-3G. This issue occurs via a crafted metadata in an NTFS image that can cause code execution. A local attacker can exploit this issue if the NTFS-3G binary is setuid root. A physically proximate attacker can exploit this issue if the NTFS-3G software is configured to execute upon attachment of an external storage dev
Debian
CVE-2022-40284: ntfs-3g - A buffer overflow was discovered in NTFS-3G before 2022.10.3. Crafted metadata i...
vendor_debian·2022·CVSS 7.8
CVE-2022-40284 [HIGH] CVE-2022-40284: ntfs-3g - A buffer overflow was discovered in NTFS-3G before 2022.10.3. Crafted metadata i...
A buffer overflow was discovered in NTFS-3G before 2022.10.3. Crafted metadata in an NTFS image can cause code execution. A local attacker can exploit this if the ntfs-3g binary is setuid root. A physically proximate attacker can exploit this if NTFS-3G software is configured to execute upon attachment of an external storage device.
Scope: local
bookworm: resolved (fixed in 1:2022.10.3-1)
bullseye: resolved (fixed in 1:2017.3.23AR.3-4+deb11u3)
forky: resolved (fixed in 1:2022.10.3-1)
sid: resolved (fixed in 1:2022.10.3-1)
trixie: resolved (fixed in 1:2022.10.3-1)
OSV
CVE-2022-40284: A buffer overflow was discovered in NTFS-3G before 2022
osv·2022-11-06·CVSS 7.8
CVE-2022-40284 [HIGH] CVE-2022-40284: A buffer overflow was discovered in NTFS-3G before 2022
A buffer overflow was discovered in NTFS-3G before 2022.10.3. Crafted metadata in an NTFS image can cause code execution. A local attacker can exploit this if the ntfs-3g binary is setuid root. A physically proximate attacker can exploit this if NTFS-3G software is configured to execute upon attachment of an external storage device.
No detection rules found.
No public exploits indexed.
http://www.openwall.com/lists/oss-security/2022/10/31/2https://github.com/tuxera/ntfs-3g/releaseshttps://lists.debian.org/debian-lts-announce/2022/11/msg00029.htmlhttps://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2BOQ7YLFT43KLXEN3EB6CS4DP635RJWP/https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IA2D4PYOR7ABI7BWBMMMYKY2OPHTV2NI/https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UGDKGXA4R2ZVUQ3CT4D4YGTFMNZQA7HW/https://security.gentoo.org/glsa/202301-01http://www.openwall.com/lists/oss-security/2022/10/31/2https://github.com/tuxera/ntfs-3g/releaseshttps://lists.debian.org/debian-lts-announce/2022/11/msg00029.htmlhttps://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2BOQ7YLFT43KLXEN3EB6CS4DP635RJWP/https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IA2D4PYOR7ABI7BWBMMMYKY2OPHTV2NI/https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UGDKGXA4R2ZVUQ3CT4D4YGTFMNZQA7HW/https://security.gentoo.org/glsa/202301-01
2022-11-06
Published