Jann Horn discovered that NTFS-3G incorrectly filtered environment variables when using the modprobe utility. A local attacker could possibly use this issue to load arbitrary kernel modules.
{ "availability": "No subscription required", "binaries": [ { "ntfs-3g-dev-dbgsym": "1:2015.3.14AR.1-1ubuntu0.1", "ntfs-3g": "1:2015.3.14AR.1-1ubuntu0.1", "ntfs-3g-dbg": "1:2015.3.14AR.1-1ubuntu0.1", "ntfs-3g-dev": "1:2015.3.14AR.1-1ubuntu0.1", "ntfs-3g-dbgsym": "1:2015.3.14AR.1-1ubuntu0.1", "ntfs-3g-udeb-dbgsym": "1:2015.3.14AR.1-1ubuntu0.1", "ntfs-3g-udeb": "1:2015.3.14AR.1-1ubuntu0.1" } ] }