CVE-2021-39263

A crafted NTFS image can trigger a heap-based buffer overflow, caused by an unsanitized attribute in ntfs_get_attribute_value, in NTFS-3G < 2021.8.22.

Link	Resource
https://github.com/tuxera/ntfs-3g/security/advisories/GHSA-q759-8j5v-q5jp	Third Party Advisory
https://github.com/tuxera/ntfs-3g/releases	Release Notes Third Party Advisory
https://www.debian.org/security/2021/dsa-4971	Third Party Advisory
https://lists.debian.org/debian-lts-announce/2021/11/msg00013.html	Mailing List Third Party Advisory
https://security.gentoo.org/glsa/202301-01	Third Party Advisory

Configuration 1

cpe:2.3:a:tuxera:ntfs-3g:*:*:*:*:*:*:*:* cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:* cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:* cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*

---

Published : 2021-09-07 03:15

Updated : 2023-01-13 06:53

---

NVD link : CVE-2021-39263

Mitre link : CVE-2021-39263

Ntfs-3g

Tuxera

CWE-787