Launchpad.net

Launchpad Home
Code
Bugs
Blueprints
Translations
Answers

CVE 2021-35269

NTFS-3G versions < 2021.8.22, when a specially crafted NTFS attribute from the MFT is setup in the function ntfs_attr_setup_flag, a heap buffer overflow can occur allowing for code execution and escalation of privileges.

Related bugs and status

CVE-2021-35269 (Candidate) is related to these bugs:

Bug #1951239: Merge ntfs-3g 1:2021.8.22-3 from Debian

Summary				In	Importance	Status
	1951239	Merge ntfs-3g 1:2021.8.22-3 from Debian		ntfs-3g (Ubuntu)	Wishlist	Fix Released

See the

CVE page on Mitre.org for more details.

References

MISC: http://ntfs-3g.com
DEBIAN: DSA-4971
MLIST: [oss-security] 2021083...
FEDORA: FEDORA-2021-e7c8ba6301
FEDORA: FEDORA-2021-5b1dac797b
MLIST: [debian-lts-announce] ...
GENTOO: GLSA-202301-01