Showing 1 - 5 of 5

CVE-2021-33285

Status Candidate

Overview

In NTFS-3G versions < 2021.8.22, when a specially crafted NTFS attribute is supplied to the function ntfs_get_attribute_value, a heap buffer overflow can occur allowing for memory disclosure or denial of service. The vulnerability is caused by an out-of-bound buffer access which can be triggered by mounting a crafted ntfs partition. The root cause is a missing consistency check after reading an MFT record : the "bytes_in_use" field should be less than the "bytes_allocated" field. When it is not, the parsing of the records proceeds into the wild.

Related Files

Gentoo Linux Security Advisory 202301-01: Posted Jan 11, 2023; Authored by Gentoo | Site security.gentoo.org; Gentoo Linux Security Advisory 202301-1 - Multiple vulnerabilities have been found in NTFS-3G, the worst of which could result in arbitrary code execution. Versions less than 2022.10.3 are affected.; tags | advisory, arbitrary, vulnerability, code execution; systems | linux, gentoo; advisories | CVE-2021-33285, CVE-2021-33286, CVE-2021-33287, CVE-2021-33289, CVE-2021-35266, CVE-2021-35267, CVE-2021-35268, CVE-2021-35269, CVE-2021-39251, CVE-2021-39252, CVE-2021-39253, CVE-2021-39254, CVE-2021-39255, CVE-2021-39256; SHA-256 | eb68b9775411efb58023314649ba5c1a2acc470176356ba8cbefbf814eb80a7a; Download | Favorite | View

Red Hat Security Advisory 2022-1759-01: Posted May 11, 2022; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2022-1759-01 - Kernel-based Virtual Machine offers a full virtualization solution for Linux on numerous hardware platforms. The virt:rhel module contains packages which provide user-space components used to run virtual machines using KVM. The packages also provide APIs for managing and interacting with the virtualized systems. Issues addressed include buffer overflow, integer overflow, null pointer, out of bounds access, out of bounds read, and use-after-free vulnerabilities.; tags | advisory, overflow, kernel, vulnerability; systems | linux, redhat; advisories | CVE-2021-20196, CVE-2021-33285, CVE-2021-33286, CVE-2021-33287, CVE-2021-33289, CVE-2021-35266, CVE-2021-35267, CVE-2021-35268, CVE-2021-35269, CVE-2021-3622, CVE-2021-3716, CVE-2021-3748, CVE-2021-39251, CVE-2021-39252, CVE-2021-39253, CVE-2021-39254, CVE-2021-39255, CVE-2021-39256, CVE-2021-39257, CVE-2021-39258, CVE-2021-39259, CVE-2021-39260, CVE-2021-39261, CVE-2021-39262, CVE-2021-39263, CVE-2021-3975, CVE-2021-4145; SHA-256 | cf2c26724e7650e1aeb0964cd78478438588a1ed37ddff36eb738dc4866cc442; Download | Favorite | View

Red Hat Security Advisory 2021-3704-01: Posted Oct 1, 2021; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2021-3704-01 - The Advanced Virtualization module provides the user-space component for running virtual machines that use KVM in environments managed by Red Hat products. Issues addressed include buffer overflow, integer overflow, null pointer, out of bounds access, and out of bounds read vulnerabilities.; tags | advisory, overflow, vulnerability; systems | linux, redhat; advisories | CVE-2021-33285, CVE-2021-33286, CVE-2021-33287, CVE-2021-33289, CVE-2021-35266, CVE-2021-35267, CVE-2021-35268, CVE-2021-35269, CVE-2021-3631, CVE-2021-3667, CVE-2021-3682, CVE-2021-39251, CVE-2021-39252, CVE-2021-39253, CVE-2021-39254, CVE-2021-39255, CVE-2021-39256, CVE-2021-39257, CVE-2021-39258, CVE-2021-39259, CVE-2021-39260, CVE-2021-39261, CVE-2021-39262, CVE-2021-39263; SHA-256 | 5864f73fcab2cbaccf361eb3ef0f59a34a59c5e826c50cff47e2ad6e9a3e23bf; Download | Favorite | View

Red Hat Security Advisory 2021-3703-01: Posted Oct 1, 2021; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2021-3703-01 - The Advanced Virtualization module provides the user-space component for running virtual machines that use KVM in environments managed by Red Hat products. Issues addressed include buffer overflow, integer overflow, null pointer, out of bounds access, and out of bounds read vulnerabilities.; tags | advisory, overflow, vulnerability; systems | linux, redhat; advisories | CVE-2021-33285, CVE-2021-33286, CVE-2021-33287, CVE-2021-33289, CVE-2021-3416, CVE-2021-35266, CVE-2021-35267, CVE-2021-35268, CVE-2021-35269, CVE-2021-3631, CVE-2021-3667, CVE-2021-3682, CVE-2021-39251, CVE-2021-39252, CVE-2021-39253, CVE-2021-39254, CVE-2021-39255, CVE-2021-39256, CVE-2021-39257, CVE-2021-39258, CVE-2021-39259, CVE-2021-39260, CVE-2021-39261, CVE-2021-39262, CVE-2021-39263; SHA-256 | 068ff65f70859525d3b455fd8772ae5c3f403368b8f4d1aad2358e1d98469674; Download | Favorite | View

Debian Security Advisory 4971-1: Posted Sep 28, 2021; Authored by Debian | Site debian.org; Debian Linux Security Advisory 4971-1 - Several vulnerabilities were discovered in NTFS-3G, a read-write NTFS driver for FUSE. A local user can take advantage of these flaws for local root privilege escalation.; tags | advisory, local, root, vulnerability; systems | linux, debian; advisories | CVE-2021-33285, CVE-2021-33286, CVE-2021-33287, CVE-2021-33289, CVE-2021-35266, CVE-2021-35267, CVE-2021-35268, CVE-2021-35269, CVE-2021-39251, CVE-2021-39252, CVE-2021-39253, CVE-2021-39254, CVE-2021-39255, CVE-2021-39256; SHA-256 | 507f001642bcc1403611d56627f15d6bf5b64ac341f2e2a5db931f2781606046; Download | Favorite | View

Page 1 of 1 Back 1 Next

Top Authors In Last 30 Days

Red Hat 240 files
indoushka 173 files
Jay Turla 150 files
Ubuntu 78 files
h00die 54 files
juan vazquez 43 files
sinn3r 41 files
H D Moore 31 files
Karn Ganeshen 23 files
Pedro Ribeiro 22 files

File Archives

Systems

AIX (430)
Apple (2,114)
BSD (378)
CentOS (61)
Cisco (1,954)
Debian (7,123)
Fedora (1,693)
FreeBSD (1,247)
Gentoo (4,567)
HPUX (881)
iOS (389)
iPhone (108)
IRIX (220)
Juniper (71)
Linux (51,209)
Mac OS X (696)
Mandriva (3,105)
NetBSD (256)
OpenBSD (489)
RedHat (16,823)
Slackware (941)
Solaris (1,615)
SUSE (1,444)
Ubuntu (9,848)
UNIX (9,455)
UnixWare (188)
Windows (6,772)
Other

CVE-2021-33285

Overview

Related Files

File Archive:

September 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems