OESA-2021-1365
- Source
- https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2021-1365
- Import Source
- https://repo.openeuler.org/security/data/osv/OESA-2021-1365.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/OESA-2021-1365
- Upstream
- Published
- 2021-09-30T11:03:14Z
- Modified
- 2025-08-12T05:08:26.612258Z
- Summary
- ntfs-3g security update
- Details
-
NTFS-3G is a stable, open source, GPL licensed, POSIX, read/write NTFS driver for Linux and many other operating systems. It provides safe handling of the Windows XP, Windows Server 2003, Windows 2000, Windows Vista, Windows Server 2008 and Windows 7 NTFS file systems.
Security Fix(es):
In NTFS-3G versions < 2021.8.22, when a specially crafted NTFS attribute is supplied to the function ntfsgetattributevalue, a heap buffer overflow can occur allowing for memory disclosure or denial of service. The vulnerability is caused by an out-of-bound buffer access which can be triggered by mounting a crafted ntfs partition. The root cause is a missing consistency check after reading an MFT record : the "bytesinuse" field should be less than the "bytesallocated" field. When it is not, the parsing of the records proceeds into the wild.(CVE-2021-33285)
A crafted NTFS image can cause an out-of-bounds read in ntfsielookup in NTFS-3G < 2021.8.22.(CVE-2021-39252)
A crafted NTFS image can trigger an out-of-bounds read, caused by an invalid attribute in ntfsattrfindinattrdef, in NTFS-3G < 2021.8.22.(CVE-2021-39255)
In NTFS-3G versions < 2021.8.22, when a specially crafted MFT section is supplied in an NTFS image a heap buffer overflow can occur and allow for code execution.(CVE-2021-33289)
In NTFS-3G versions < 2021.8.22, when a specially crafted unicode string is supplied in an NTFS image a heap buffer overflow can occur and allow for code execution.(CVE-2021-33286)
NTFS-3G versions < 2021.8.22, when a specially crafted NTFS attribute from the MFT is setup in the function ntfsattrsetup_flag, a heap buffer overflow can occur allowing for code execution and escalation of privileges.(CVE-2021-35269)
A crafted NTFS image can cause a heap-based buffer overflow in ntfscompressedpwrite in NTFS-3G < 2021.8.22.(CVE-2021-39261)
A crafted NTFS image can trigger a heap-based buffer overflow, caused by an unsanitized attribute in ntfsgetattribute_value, in NTFS-3G < 2021.8.22.(CVE-2021-39263)
A crafted NTFS image can cause an out-of-bounds access in ntfs_decompress in NTFS-3G < 2021.8.22.(CVE-2021-39262)
A crafted NTFS image can cause an out-of-bounds access in ntfsinodesyncstandardinformation in NTFS-3G < 2021.8.22.(CVE-2021-39260)
A crafted NTFS image can trigger an out-of-bounds access, caused by an unsanitized attribute length in ntfsinodelookupbyname, in NTFS-3G < 2021.8.22.(CVE-2021-39259)
In NTFS-3G versions < 2021.8.22, when a specially crafted NTFS inode is loaded in the function ntfsinodereal_open, a heap buffer overflow can occur allowing for code execution and escalation of privileges.(CVE-2021-35268)
A crafted NTFS image can cause a heap-based buffer overflow in ntfsinodelookupbyname in NTFS-3G < 2021.8.22.(CVE-2021-39256)
A crafted NTFS image can cause an out-of-bounds read in ntfsrunlistsmerge_i in NTFS-3G < 2021.8.22.(CVE-2021-39253)
In NTFS-3G versions < 2021.8.22, when a specially crafted NTFS inode pathname is supplied in an NTFS image a heap buffer overflow can occur resulting in memory disclosure, denial of service and even code execution.(CVE-2021-35266)
A crafted NTFS image can cause out-of-bounds reads in ntfsattrfind and ntfsexternalattr_find in NTFS-3G < 2021.8.22.(CVE-2021-39258)
In NTFS-3G versions < 2021.8.22, when specially crafted NTFS attributes are read in the function ntfsattrpread_i, a heap buffer overflow can occur and allow for writing to arbitrary memory or denial of service of the application.(CVE-2021-33287)
A crafted NTFS image can cause an integer overflow in memmove, leading to a heap-based buffer overflow in the function ntfsattrrecord_resize, in NTFS-3G < 2021.8.22.(CVE-2021-39254)
NTFS-3G versions < 2021.8.22, a stack buffer overflow can occur when correcting differences in the MFT and MFTMirror allowing for code execution or escalation of privileges when setuid-root.(CVE-2021-35267)
A crafted NTFS image with an unallocated bitmap can lead to a endless recursive function call chain (starting from ntfsattrpwrite), causing stack consumption in NTFS-3G < 2021.8.22.(CVE-2021-39257)
A crafted NTFS image can cause a NULL pointer dereference in ntfsextentinode_open in NTFS-3G < 2021.8.22.(CVE-2021-39251)
- Database specific
{ "severity": "High" }- References
-
- https://www.openeuler.org/en/security/safety-bulletin/detail.html?id=openEuler-SA-2021-1365
- https://nvd.nist.gov/vuln/detail/CVE-2021-33285
- https://nvd.nist.gov/vuln/detail/CVE-2021-39252
- https://nvd.nist.gov/vuln/detail/CVE-2021-39255
- https://nvd.nist.gov/vuln/detail/CVE-2021-33289
- https://nvd.nist.gov/vuln/detail/CVE-2021-33286
- https://nvd.nist.gov/vuln/detail/CVE-2021-35269
- https://nvd.nist.gov/vuln/detail/CVE-2021-39261
- https://nvd.nist.gov/vuln/detail/CVE-2021-39263
- https://nvd.nist.gov/vuln/detail/CVE-2021-39262
- https://nvd.nist.gov/vuln/detail/CVE-2021-39260
- https://nvd.nist.gov/vuln/detail/CVE-2021-39259
- https://nvd.nist.gov/vuln/detail/CVE-2021-35268
- https://nvd.nist.gov/vuln/detail/CVE-2021-39256
- https://nvd.nist.gov/vuln/detail/CVE-2021-39253
- https://nvd.nist.gov/vuln/detail/CVE-2021-35266
- https://nvd.nist.gov/vuln/detail/CVE-2021-39258
- https://nvd.nist.gov/vuln/detail/CVE-2021-33287
- https://nvd.nist.gov/vuln/detail/CVE-2021-39254
- https://nvd.nist.gov/vuln/detail/CVE-2021-35267
- https://nvd.nist.gov/vuln/detail/CVE-2021-39257
- https://nvd.nist.gov/vuln/detail/CVE-2021-39251
Affected packages
openEuler:20.03-LTS-SP1 / ntfs-3g
Package
- Name
- ntfs-3g
- Purl
- pkg:rpm/openEuler/ntfs-3g&distro=openEuler-20.03-LTS-SP1
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed2021.8.22-1.oe1
Ecosystem specific
{
"x86_64": [
"ntfs-3g-debugsource-2021.8.22-1.oe1.x86_64.rpm",
"ntfs-3g-help-2021.8.22-1.oe1.x86_64.rpm",
"ntfs-3g-2021.8.22-1.oe1.x86_64.rpm",
"ntfs-3g-debuginfo-2021.8.22-1.oe1.x86_64.rpm",
"ntfs-3g-devel-2021.8.22-1.oe1.x86_64.rpm"
],
"src": [
"ntfs-3g-2021.8.22-1.oe1.src.rpm"
],
"aarch64": [
"ntfs-3g-debugsource-2021.8.22-1.oe1.aarch64.rpm",
"ntfs-3g-debuginfo-2021.8.22-1.oe1.aarch64.rpm",
"ntfs-3g-devel-2021.8.22-1.oe1.aarch64.rpm",
"ntfs-3g-2021.8.22-1.oe1.aarch64.rpm",
"ntfs-3g-help-2021.8.22-1.oe1.aarch64.rpm"
]
}
openEuler:20.03-LTS-SP2 / ntfs-3g
Package
- Name
- ntfs-3g
- Purl
- pkg:rpm/openEuler/ntfs-3g&distro=openEuler-20.03-LTS-SP2
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed2021.8.22-1.oe1
Ecosystem specific
{
"x86_64": [
"ntfs-3g-devel-2021.8.22-1.oe1.x86_64.rpm",
"ntfs-3g-2021.8.22-1.oe1.x86_64.rpm",
"ntfs-3g-debuginfo-2021.8.22-1.oe1.x86_64.rpm",
"ntfs-3g-debugsource-2021.8.22-1.oe1.x86_64.rpm",
"ntfs-3g-help-2021.8.22-1.oe1.x86_64.rpm"
],
"src": [
"ntfs-3g-2021.8.22-1.oe1.src.rpm"
],
"aarch64": [
"ntfs-3g-help-2021.8.22-1.oe1.aarch64.rpm",
"ntfs-3g-debugsource-2021.8.22-1.oe1.aarch64.rpm",
"ntfs-3g-devel-2021.8.22-1.oe1.aarch64.rpm",
"ntfs-3g-2021.8.22-1.oe1.aarch64.rpm",
"ntfs-3g-debuginfo-2021.8.22-1.oe1.aarch64.rpm"
]
}