Your submission was sent successfully! Close

CVE-2022-30788

Published: 26 May 2022

A crafted NTFS image can cause a heap-based buffer overflow in ntfs_mft_rec_alloc in NTFS-3G through 2021.8.22.

Priority

Medium

CVSS 3 base score: 7.8

Status

Package Release Status
ntfs-3g
Launchpad, Ubuntu, Debian
bionic
Released (1:2017.3.23-2ubuntu0.18.04.4)
focal
Released (1:2017.3.23AR.3-3ubuntu1.2)
impish
Released (1:2017.3.23AR.3-3ubuntu5.1)
jammy
Released (1:2021.8.22-3ubuntu1.1)
kinetic
Released (2022.5.17-1ubuntu1)
trusty
Released (1:2013.1.13AR.1-2ubuntu2+esm3)
upstream
Released (1:2022.5.17-1)
xenial
Released (1:2015.3.14AR.1-1ubuntu0.3+esm3)
Patches:
upstream: https://github.com/tuxera/ntfs-3g/commit/a8818cf779d3a32f2f52337c6f258c16719625a3
upstream: https://github.com/tuxera/ntfs-3g/commit/bce5734a757fd59d70a52f4d4fe9abe260629b3a