|Created||Mon Jun 6 18:09:09 2022|
A crafted NTFS image can cause a heap-based buffer overflow in ntfs_check_log_client_array in NTFS-3G through 2021.8.22.
A crafted NTFS image can cause a heap-based buffer overflow in ntfs_mft_rec_alloc in NTFS-3G through 2021.8.22.
A crafted NTFS image can cause a heap-based buffer overflow in ntfs_names_full_collate in NTFS-3G through 2021.8.22.
A crafted NTFS image can cause heap exhaustion in ntfs_get_attribute_value in NTFS-3G through 2021.8.22.
https://github.com/tuxera/ntfs-3g/security/advisories/GHSA-xchm-ph5h-hw4x https://github.com/tuxera/ntfs-3g/security/advisories/GHSA-6mv4-4v73-xw58 https://www.openwall.com/lists/oss-security/2022/05/26/1
didn't add CVE-2021-46790 (CVSS 9.8) because `ntfsck` is not provided by `ntfs-3g`, although I yet have to check wether it was present in the previous version or removed when it was deprecated TODO: look up wether ntfs-3g is built with the internal libfuse or not as it determines wether the second advisory applies