SUSE update for ntfs-3g_ntfsprogs
| Risk | Low |
| Patch available | YES |
| Number of vulnerabilities | 8 |
| CVE-ID | CVE-2021-46790 CVE-2022-30783 CVE-2022-30784 CVE-2022-30785 CVE-2022-30786 CVE-2022-30787 CVE-2022-30788 CVE-2022-30789 |
| CWE-ID | CWE-122 CWE-94 CWE-191 |
| Exploitation vector | Network |
| Public exploit | N/A |
| Vulnerable software |
SUSE Linux Enterprise Workstation Extension Operating systems & Components / Operating system SUSE Linux Enterprise Desktop Operating systems & Components / Operating system SUSE Linux Enterprise Software Development Kit Operating systems & Components / Operating system SUSE Linux Enterprise Server for SAP Applications Operating systems & Components / Operating system SUSE Linux Enterprise Server Operating systems & Components / Operating system libntfs-3g-devel Operating systems & Components / Operating system package or component ntfsprogs-debuginfo Operating systems & Components / Operating system package or component ntfsprogs Operating systems & Components / Operating system package or component ntfs-3g_ntfsprogs-debugsource Operating systems & Components / Operating system package or component ntfs-3g-debuginfo Operating systems & Components / Operating system package or component ntfs-3g Operating systems & Components / Operating system package or component libntfs-3g84-debuginfo Operating systems & Components / Operating system package or component libntfs-3g84 Operating systems & Components / Operating system package or component |
| Vendor | SUSE |
Security Bulletin
This security bulletin contains information about 8 vulnerabilities.
1) Heap-based buffer overflow
EUVDB-ID: #VU64092
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2021-46790
CWE-ID:
CWE-122 - Heap-based Buffer Overflow
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a boundary error in the ntfsck in NTFS-3G when processing specially crafted NTFS filesystem. A local user can mount a malicious NTFS filesystem, trigger a heap-based buffer overflow and execute arbitrary code with elevated privileges.
MitigationUpdate the affected package ntfs-3g_ntfsprogs to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Workstation Extension: 12-SP5
SUSE Linux Enterprise Desktop: 12-SP5
SUSE Linux Enterprise Software Development Kit: 12-SP5
SUSE Linux Enterprise Server for SAP Applications: 12-SP5
SUSE Linux Enterprise Server: 12-SP5
libntfs-3g-devel: before 2022.5.17-5.12.1
ntfsprogs-debuginfo: before 2022.5.17-5.12.1
ntfsprogs: before 2022.5.17-5.12.1
ntfs-3g_ntfsprogs-debugsource: before 2022.5.17-5.12.1
ntfs-3g-debuginfo: before 2022.5.17-5.12.1
ntfs-3g: before 2022.5.17-5.12.1
libntfs-3g84-debuginfo: before 2022.5.17-5.12.1
libntfs-3g84: before 2022.5.17-5.12.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_workstation_extension:12-SP5:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_desktop:12-SP5:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_software_development_kit:12-SP5:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_server_for_sap_applications:12-SP5:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_server:12-SP5:*:*:*:*:*:*:*
- cpe:2.3:a:suse:libntfs-3g-devel:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:ntfsprogs-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:ntfsprogs:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:ntfs-3g_ntfsprogs-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:ntfs-3g-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:ntfs-3g:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:libntfs-3g84-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:libntfs-3g84:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2022/suse-su-20222836-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
2) Code Injection
EUVDB-ID: #VU63759
Risk: Low
CVSSv4.0: 4 [CVSS:4.0/AV:L/AC:L/AT:P/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-30783
CWE-ID:
CWE-94 - Improper Control of Generation of Code ('Code Injection')
Exploit availability: No
DescriptionThe vulnerability allows a local user to execute arbitrary code on the target system.
The vulnerability exists due to a flaw when using libfuse-lite. A local administrator can send a specially crafted request and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
MitigationUpdate the affected package ntfs-3g_ntfsprogs to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Workstation Extension: 12-SP5
SUSE Linux Enterprise Desktop: 12-SP5
SUSE Linux Enterprise Software Development Kit: 12-SP5
SUSE Linux Enterprise Server for SAP Applications: 12-SP5
SUSE Linux Enterprise Server: 12-SP5
libntfs-3g-devel: before 2022.5.17-5.12.1
ntfsprogs-debuginfo: before 2022.5.17-5.12.1
ntfsprogs: before 2022.5.17-5.12.1
ntfs-3g_ntfsprogs-debugsource: before 2022.5.17-5.12.1
ntfs-3g-debuginfo: before 2022.5.17-5.12.1
ntfs-3g: before 2022.5.17-5.12.1
libntfs-3g84-debuginfo: before 2022.5.17-5.12.1
libntfs-3g84: before 2022.5.17-5.12.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_workstation_extension:12-SP5:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_desktop:12-SP5:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_software_development_kit:12-SP5:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_server_for_sap_applications:12-SP5:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_server:12-SP5:*:*:*:*:*:*:*
- cpe:2.3:a:suse:libntfs-3g-devel:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:ntfsprogs-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:ntfsprogs:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:ntfs-3g_ntfsprogs-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:ntfs-3g-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:ntfs-3g:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:libntfs-3g84-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:libntfs-3g84:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2022/suse-su-20222836-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
3) Heap-based buffer overflow
EUVDB-ID: #VU63796
Risk: Low
CVSSv4.0: 4.8 [CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-30784
CWE-ID:
CWE-122 - Heap-based Buffer Overflow
Exploit availability: No
DescriptionThe vulnerability allows a remote user to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error in ntfs_get_attribute_value. A remote administrator can use a specially crafted NTFS image file, trigger a heap-based buffer overflow and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
MitigationUpdate the affected package ntfs-3g_ntfsprogs to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Workstation Extension: 12-SP5
SUSE Linux Enterprise Desktop: 12-SP5
SUSE Linux Enterprise Software Development Kit: 12-SP5
SUSE Linux Enterprise Server for SAP Applications: 12-SP5
SUSE Linux Enterprise Server: 12-SP5
libntfs-3g-devel: before 2022.5.17-5.12.1
ntfsprogs-debuginfo: before 2022.5.17-5.12.1
ntfsprogs: before 2022.5.17-5.12.1
ntfs-3g_ntfsprogs-debugsource: before 2022.5.17-5.12.1
ntfs-3g-debuginfo: before 2022.5.17-5.12.1
ntfs-3g: before 2022.5.17-5.12.1
libntfs-3g84-debuginfo: before 2022.5.17-5.12.1
libntfs-3g84: before 2022.5.17-5.12.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_workstation_extension:12-SP5:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_desktop:12-SP5:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_software_development_kit:12-SP5:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_server_for_sap_applications:12-SP5:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_server:12-SP5:*:*:*:*:*:*:*
- cpe:2.3:a:suse:libntfs-3g-devel:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:ntfsprogs-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:ntfsprogs:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:ntfs-3g_ntfsprogs-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:ntfs-3g-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:ntfs-3g:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:libntfs-3g84-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:libntfs-3g84:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2022/suse-su-20222836-1/
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
4) Code Injection
EUVDB-ID: #VU63760
Risk: Low
CVSSv4.0: 4 [CVSS:4.0/AV:L/AC:L/AT:P/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-30785
CWE-ID:
CWE-94 - Improper Control of Generation of Code ('Code Injection')
Exploit availability: No
DescriptionThe vulnerability allows a local user to execute arbitrary code on the target system.
The vulnerability exists due to an arbitrary memory read and write operations issue when using libfuse-lite. A local administrator can send a specially crafted request and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
MitigationUpdate the affected package ntfs-3g_ntfsprogs to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Workstation Extension: 12-SP5
SUSE Linux Enterprise Desktop: 12-SP5
SUSE Linux Enterprise Software Development Kit: 12-SP5
SUSE Linux Enterprise Server for SAP Applications: 12-SP5
SUSE Linux Enterprise Server: 12-SP5
libntfs-3g-devel: before 2022.5.17-5.12.1
ntfsprogs-debuginfo: before 2022.5.17-5.12.1
ntfsprogs: before 2022.5.17-5.12.1
ntfs-3g_ntfsprogs-debugsource: before 2022.5.17-5.12.1
ntfs-3g-debuginfo: before 2022.5.17-5.12.1
ntfs-3g: before 2022.5.17-5.12.1
libntfs-3g84-debuginfo: before 2022.5.17-5.12.1
libntfs-3g84: before 2022.5.17-5.12.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_workstation_extension:12-SP5:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_desktop:12-SP5:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_software_development_kit:12-SP5:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_server_for_sap_applications:12-SP5:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_server:12-SP5:*:*:*:*:*:*:*
- cpe:2.3:a:suse:libntfs-3g-devel:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:ntfsprogs-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:ntfsprogs:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:ntfs-3g_ntfsprogs-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:ntfs-3g-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:ntfs-3g:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:libntfs-3g84-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:libntfs-3g84:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2022/suse-su-20222836-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
5) Heap-based buffer overflow
EUVDB-ID: #VU63793
Risk: Low
CVSSv4.0: 4.8 [CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-30786
CWE-ID:
CWE-122 - Heap-based Buffer Overflow
Exploit availability: No
DescriptionThe vulnerability allows a remote user to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error in ntfs_names_full_collate. A remote administrator can use a specially crafted NTFS image file, trigger a heap-based buffer overflow and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
MitigationUpdate the affected package ntfs-3g_ntfsprogs to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Workstation Extension: 12-SP5
SUSE Linux Enterprise Desktop: 12-SP5
SUSE Linux Enterprise Software Development Kit: 12-SP5
SUSE Linux Enterprise Server for SAP Applications: 12-SP5
SUSE Linux Enterprise Server: 12-SP5
libntfs-3g-devel: before 2022.5.17-5.12.1
ntfsprogs-debuginfo: before 2022.5.17-5.12.1
ntfsprogs: before 2022.5.17-5.12.1
ntfs-3g_ntfsprogs-debugsource: before 2022.5.17-5.12.1
ntfs-3g-debuginfo: before 2022.5.17-5.12.1
ntfs-3g: before 2022.5.17-5.12.1
libntfs-3g84-debuginfo: before 2022.5.17-5.12.1
libntfs-3g84: before 2022.5.17-5.12.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_workstation_extension:12-SP5:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_desktop:12-SP5:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_software_development_kit:12-SP5:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_server_for_sap_applications:12-SP5:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_server:12-SP5:*:*:*:*:*:*:*
- cpe:2.3:a:suse:libntfs-3g-devel:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:ntfsprogs-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:ntfsprogs:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:ntfs-3g_ntfsprogs-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:ntfs-3g-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:ntfs-3g:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:libntfs-3g84-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:libntfs-3g84:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2022/suse-su-20222836-1/
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
6) Integer underflow
EUVDB-ID: #VU63761
Risk: Low
CVSSv4.0: 4 [CVSS:4.0/AV:L/AC:L/AT:P/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-30787
CWE-ID:
CWE-191 - Integer underflow
Exploit availability: No
DescriptionThe vulnerability allows a local user to execute arbitrary code on the target system.
The vulnerability exists due to integer underflow in fuse_lib_readdir when using libfuse-lite. A local administrator can send a specially crafted request to the affected application, trigger integer underflow and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
MitigationUpdate the affected package ntfs-3g_ntfsprogs to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Workstation Extension: 12-SP5
SUSE Linux Enterprise Desktop: 12-SP5
SUSE Linux Enterprise Software Development Kit: 12-SP5
SUSE Linux Enterprise Server for SAP Applications: 12-SP5
SUSE Linux Enterprise Server: 12-SP5
libntfs-3g-devel: before 2022.5.17-5.12.1
ntfsprogs-debuginfo: before 2022.5.17-5.12.1
ntfsprogs: before 2022.5.17-5.12.1
ntfs-3g_ntfsprogs-debugsource: before 2022.5.17-5.12.1
ntfs-3g-debuginfo: before 2022.5.17-5.12.1
ntfs-3g: before 2022.5.17-5.12.1
libntfs-3g84-debuginfo: before 2022.5.17-5.12.1
libntfs-3g84: before 2022.5.17-5.12.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_workstation_extension:12-SP5:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_desktop:12-SP5:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_software_development_kit:12-SP5:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_server_for_sap_applications:12-SP5:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_server:12-SP5:*:*:*:*:*:*:*
- cpe:2.3:a:suse:libntfs-3g-devel:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:ntfsprogs-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:ntfsprogs:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:ntfs-3g_ntfsprogs-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:ntfs-3g-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:ntfs-3g:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:libntfs-3g84-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:libntfs-3g84:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2022/suse-su-20222836-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
7) Heap-based buffer overflow
EUVDB-ID: #VU63790
Risk: Low
CVSSv4.0: 4.8 [CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-30788
CWE-ID:
CWE-122 - Heap-based Buffer Overflow
Exploit availability: No
DescriptionThe vulnerability allows a remote user to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error in ntfs_mft_rec_alloc. A remote administrator can use a specially crafted NTFS image file, trigger a heap-based buffer overflow and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
MitigationUpdate the affected package ntfs-3g_ntfsprogs to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Workstation Extension: 12-SP5
SUSE Linux Enterprise Desktop: 12-SP5
SUSE Linux Enterprise Software Development Kit: 12-SP5
SUSE Linux Enterprise Server for SAP Applications: 12-SP5
SUSE Linux Enterprise Server: 12-SP5
libntfs-3g-devel: before 2022.5.17-5.12.1
ntfsprogs-debuginfo: before 2022.5.17-5.12.1
ntfsprogs: before 2022.5.17-5.12.1
ntfs-3g_ntfsprogs-debugsource: before 2022.5.17-5.12.1
ntfs-3g-debuginfo: before 2022.5.17-5.12.1
ntfs-3g: before 2022.5.17-5.12.1
libntfs-3g84-debuginfo: before 2022.5.17-5.12.1
libntfs-3g84: before 2022.5.17-5.12.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_workstation_extension:12-SP5:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_desktop:12-SP5:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_software_development_kit:12-SP5:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_server_for_sap_applications:12-SP5:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_server:12-SP5:*:*:*:*:*:*:*
- cpe:2.3:a:suse:libntfs-3g-devel:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:ntfsprogs-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:ntfsprogs:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:ntfs-3g_ntfsprogs-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:ntfs-3g-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:ntfs-3g:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:libntfs-3g84-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:libntfs-3g84:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2022/suse-su-20222836-1/
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
8) Heap-based buffer overflow
EUVDB-ID: #VU64094
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-30789
CWE-ID:
CWE-122 - Heap-based Buffer Overflow
Exploit availability: No
DescriptionThe vulnerability allows a local attacker to execute arbitrary code with escalated privileges.
The vulnerability exists due to a boundary error in the ntfs_check_log_client_array in NTFS-3G. A local attacker can mount a specially crafted NTFS image, trigger a heap-based buffer overflow and execute arbitrary code with escalated privileges.
MitigationUpdate the affected package ntfs-3g_ntfsprogs to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Workstation Extension: 12-SP5
SUSE Linux Enterprise Desktop: 12-SP5
SUSE Linux Enterprise Software Development Kit: 12-SP5
SUSE Linux Enterprise Server for SAP Applications: 12-SP5
SUSE Linux Enterprise Server: 12-SP5
libntfs-3g-devel: before 2022.5.17-5.12.1
ntfsprogs-debuginfo: before 2022.5.17-5.12.1
ntfsprogs: before 2022.5.17-5.12.1
ntfs-3g_ntfsprogs-debugsource: before 2022.5.17-5.12.1
ntfs-3g-debuginfo: before 2022.5.17-5.12.1
ntfs-3g: before 2022.5.17-5.12.1
libntfs-3g84-debuginfo: before 2022.5.17-5.12.1
libntfs-3g84: before 2022.5.17-5.12.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_workstation_extension:12-SP5:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_desktop:12-SP5:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_software_development_kit:12-SP5:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_server_for_sap_applications:12-SP5:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_server:12-SP5:*:*:*:*:*:*:*
- cpe:2.3:a:suse:libntfs-3g-devel:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:ntfsprogs-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:ntfsprogs:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:ntfs-3g_ntfsprogs-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:ntfs-3g-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:ntfs-3g:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:libntfs-3g84-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:libntfs-3g84:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2022/suse-su-20222836-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
