tuxera 関連製品全体の CVE とセキュリティ脆弱性情報を集約し、CVSS、EPSS、公開日、脆弱性情報データを掲載しています。
公開された問題は vendor risk memory corruption、vendor risk input validation, and バッファオーバーフロー に関連することが多く、vendor surface software deployment and vendor surface production workloads の文脈で vendor impact memory corruption and アプリケーションクラッシュ などの暴露リスクを伴う場合があります。
掲載データは公開脆弱性情報とセキュリティ公告に基づき、過去の暴露面と修補優先度の評価に利用できます。
| CVE | 概要 | ソース | CVSS 最大値 | EPSS(%) | 公開 | 更新 |
|---|---|---|---|---|---|---|
| CVE-2022-40284 | A buffer overflow was discovered in NTFS-3G before 2022.10.3. Crafted metadata in an NTFS image can cause code execution. A local attacker can exploit this if the ntfs-3g binary is setuid root. A physically proximate attacker can exploit this if NTFS-3G software is configured to execute upon attachment of an external storage device. | [email protected] | 7.8 | 0.35% | 2022-11-06 | 2026-06-17 |
| CVE-2022-30789 | A crafted NTFS image can cause a heap-based buffer overflow in ntfs_check_log_client_array in NTFS-3G through 2021.8.22. | [email protected] | 7.8 | 0.43% | 2022-05-26 | 2026-06-17 |
| CVE-2022-30788 | A crafted NTFS image can cause a heap-based buffer overflow in ntfs_mft_rec_alloc in NTFS-3G through 2021.8.22. | [email protected] | 7.8 | 0.43% | 2022-05-26 | 2026-06-17 |
| CVE-2022-30787 | An integer underflow in fuse_lib_readdir enables arbitrary memory read operations in NTFS-3G through 2021.8.22 when using libfuse-lite. | [email protected] | 6.7 | 0.42% | 2022-05-26 | 2026-06-17 |
| CVE-2022-30786 | A crafted NTFS image can cause a heap-based buffer overflow in ntfs_names_full_collate in NTFS-3G through 2021.8.22. | [email protected] | 7.8 | 0.43% | 2022-05-26 | 2026-06-17 |
| CVE-2022-30785 | A file handle created in fuse_lib_opendir, and later used in fuse_lib_readdir, enables arbitrary memory read and write operations in NTFS-3G through 2021.8.22 when using libfuse-lite. | [email protected] | 6.7 | 0.39% | 2022-05-26 | 2026-06-17 |
| CVE-2022-30784 | A crafted NTFS image can cause heap exhaustion in ntfs_get_attribute_value in NTFS-3G through 2021.8.22. | [email protected] | 7.8 | 0.40% | 2022-05-26 | 2026-06-17 |
| CVE-2022-30783 | An invalid return code in fuse_kern_mount enables intercepting of libfuse-lite protocol traffic between NTFS-3G and the kernel in NTFS-3G through 2021.8.22 when using libfuse-lite. | [email protected] | 6.7 | 0.42% | 2022-05-26 | 2026-06-17 |
| CVE-2021-46790 | ntfsck in NTFS-3G through 2021.8.22 has a heap-based buffer overflow involving buffer+512*3-2. NOTE: the upstream position is that ntfsck is deprecated; however, it is shipped by some Linux distributions. | [email protected] | 7.8 | 0.50% | 2022-05-02 | 2026-06-17 |
| CVE-2021-39263 | A crafted NTFS image can trigger a heap-based buffer overflow, caused by an unsanitized attribute in ntfs_get_attribute_value, in NTFS-3G < 2021.8.22. | [email protected] | 7.8 | 0.42% | 2021-09-07 | 2026-06-17 |
| CVE-2021-39262 | A crafted NTFS image can cause an out-of-bounds access in ntfs_decompress in NTFS-3G < 2021.8.22. | [email protected] | 7.8 | 0.39% | 2021-09-07 | 2026-06-17 |
| CVE-2021-39261 | A crafted NTFS image can cause a heap-based buffer overflow in ntfs_compressed_pwrite in NTFS-3G < 2021.8.22. | [email protected] | 7.8 | 0.42% | 2021-09-07 | 2026-06-17 |
| CVE-2021-39260 | A crafted NTFS image can cause an out-of-bounds access in ntfs_inode_sync_standard_information in NTFS-3G < 2021.8.22. | [email protected] | 7.8 | 0.39% | 2021-09-07 | 2026-06-17 |
| CVE-2021-39259 | A crafted NTFS image can trigger an out-of-bounds access, caused by an unsanitized attribute length in ntfs_inode_lookup_by_name, in NTFS-3G < 2021.8.22. | [email protected] | 7.8 | 0.39% | 2021-09-07 | 2026-06-17 |
| CVE-2021-39258 | A crafted NTFS image can cause out-of-bounds reads in ntfs_attr_find and ntfs_external_attr_find in NTFS-3G < 2021.8.22. | [email protected] | 7.8 | 0.40% | 2021-09-07 | 2026-06-17 |
| CVE-2021-39257 | A crafted NTFS image with an unallocated bitmap can lead to a endless recursive function call chain (starting from ntfs_attr_pwrite), causing stack consumption in NTFS-3G < 2021.8.22. | [email protected] | 5.5 | 0.37% | 2021-09-07 | 2026-06-17 |
| CVE-2021-39256 | A crafted NTFS image can cause a heap-based buffer overflow in ntfs_inode_lookup_by_name in NTFS-3G < 2021.8.22. | [email protected] | 7.8 | 0.43% | 2021-09-07 | 2026-06-17 |
| CVE-2021-39255 | A crafted NTFS image can trigger an out-of-bounds read, caused by an invalid attribute in ntfs_attr_find_in_attrdef, in NTFS-3G < 2021.8.22. | [email protected] | 7.8 | 0.40% | 2021-09-07 | 2026-06-17 |
| CVE-2021-39254 | A crafted NTFS image can cause an integer overflow in memmove, leading to a heap-based buffer overflow in the function ntfs_attr_record_resize, in NTFS-3G < 2021.8.22. | [email protected] | 7.8 | 0.40% | 2021-09-07 | 2026-06-17 |
| CVE-2021-39253 | A crafted NTFS image can cause an out-of-bounds read in ntfs_runlists_merge_i in NTFS-3G < 2021.8.22. | [email protected] | 7.8 | 0.39% | 2021-09-07 | 2026-06-17 |