CVE-2023-52890
Published: 13 June 2024
NTFS-3G before 75dcdc2 has a use-after-free in ntfs_uppercase_mbs in libntfs-3g/unistr.c. NOTE: discussion suggests that exploitation would be challenging.
Notes
| Author | Note |
|---|---|
Priority reason: Exploitation of this vulnerability likely difficult |
|
| mdeslaur | Exploitation of this vulnerability likely difficult, see upstream bug discussion. As such, marking as low priority. |
Priority
Status
| Package | Release | Status |
|---|---|---|
|
ntfs-3g Launchpad, Ubuntu, Debian |
bionic |
Needed
|
| focal |
Needed
|
|
| jammy |
Needed
|
|
| mantic |
Ignored
(end of life, was needed)
|
|
| noble |
Needed
|
|
| trusty |
Needed
|
|
| upstream |
Released
(1:2022.10.3-3)
|
|
| xenial |
Needed
|
|
|
Patches: upstream: https://github.com/tuxera/ntfs-3g/commit/75dcdc2cf37478fad6c0e3427403d198b554951d |
||