[Forgot Password]
Login  Register Subscribe

30480

 
 

423868

 
 

253164

 
 

909

 
 

197077

 
 

282

 
Paid content will be excluded from the download.


Download | Alert*
CVE
view JSON

CVE-2022-30787Date: (C)2022-05-27   (M)2023-12-22


An integer underflow in fuse_lib_readdir enables arbitrary memory read operations in NTFS-3G through 2021.8.22 when using libfuse-lite.

CVSS Score and Metrics +CVSS Score and Metrics -

CVSS V3 Severity:CVSS V2 Severity:
CVSS Score : 6.7CVSS Score : 4.6
Exploit Score: 0.8Exploit Score: 3.9
Impact Score: 5.9Impact Score: 6.4
 
CVSS V3 Metrics:CVSS V2 Metrics:
Attack Vector: LOCALAccess Vector: LOCAL
Attack Complexity: LOWAccess Complexity: LOW
Privileges Required: HIGHAuthentication: NONE
User Interaction: NONEConfidentiality: PARTIAL
Scope: UNCHANGEDIntegrity: PARTIAL
Confidentiality: HIGHAvailability: PARTIAL
Integrity: HIGH 
Availability: HIGH 
  
Reference:
DSA-5160
FEDORA-2022-1176b501f0
FEDORA-2022-13bc8c91b0
FEDORA-2022-8f775872c9
FEDORA-2022-8fa7e5aeaf
GLSA-202301-01
https://lists.debian.org/debian-lts-announce/2022/06/msg00017.html
http://www.openwall.com/lists/oss-security/2022/06/07/4
https://github.com/tuxera/ntfs-3g/releases
https://github.com/tuxera/ntfs-3g/security/advisories/GHSA-6mv4-4v73-xw58

CPE    1
cpe:/o:debian:debian_linux:9.0
CWE    1
CWE-191
OVAL    10
oval:org.secpod.oval:def:86441
oval:org.secpod.oval:def:3301047
oval:org.secpod.oval:def:86466
oval:org.secpod.oval:def:707136
...

© SecPod Technologies