A buffer overflow was discovered in NTFS-3G before 2022.10.3. Crafted metadata in an NTFS image can cause code execution. A local attacker can exploit this if the ntfs-3g binary is setuid root. A physically proximate attacker can exploit this if NTFS-3G software is configured to execute upon attachment of an external storage device.
{ "vanir_signatures": [ { "id": "CVE-2022-40284-95bd24cb", "digest": { "threshold": 0.9, "line_hashes": [ "229114391697958096691432936098819842262", "121519476808419324359138408051850792601", "162880585381817795634419956231716962859" ] }, "signature_version": "v1", "deprecated": false, "target": { "file": "src/ntfs-3g.c" }, "signature_type": "Line", "source": "https://github.com/tuxera/ntfs-3g/commit/78414d93613532fd82f3a82aba5d4a1c32898781" }, { "id": "CVE-2022-40284-ae3f4538", "digest": { "threshold": 0.9, "line_hashes": [ "6026667066006274991699535869917555024", "64192165873624888343770117488607838199", "81121319675522598436247948911860345528" ] }, "signature_version": "v1", "deprecated": false, "target": { "file": "src/lowntfs-3g.c" }, "signature_type": "Line", "source": "https://github.com/tuxera/ntfs-3g/commit/78414d93613532fd82f3a82aba5d4a1c32898781" } ] }