In the Linux kernel, the following vulnerability has been resolved:
fs/ntfs3: Fix missing iop in ntfsread_mft
There is null pointer dereference because iop == NULL. The bug happens because we don't initialize iop for records in $Extend.
{ "urgency": "not yet assigned" }