An integer underflow issue exists in ntfs-3g 2017.3.23. A local attacker could potentially exploit this by running /bin/ntfs-3g with specially crafted arguments from a specially crafted directory to cause a heap buffer overflow, resulting in a crash or the ability to execute arbitrary code. In installations where /bin/ntfs-3g is a setuid-root binary, this could lead to a local escalation of privileges.
The underlying weakness is an integer underflow: the product subtracts one value from another such that the result is less than the minimum allowable integer value, producing a value that is not equal to the correct result.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Ntfs-3g | Tuxera | 2017.3.23 (including) | 2017.3.23 (including) |
Advanced Virtualization for RHEL 8.1.0 | RedHat | virt:8.1-8010020190927171011.cdc1202b | * |
Advanced Virtualization for RHEL 8.1.0 | RedHat | virt-devel:8.1-8010020190927171011.cdc1202b | * |
Red Hat Enterprise Linux 7 | RedHat | libguestfs-winsupport-0:7.2-3.el7 | * |
Red Hat Enterprise Linux 8 | RedHat | virt-devel:rhel-8010020190916153839.cdc1202b | * |
Red Hat Enterprise Linux 8 | RedHat | virt:rhel-8010020190916153839.cdc1202b | * |
Ntfs-3g | Ubuntu | bionic | * |
Ntfs-3g | Ubuntu | cosmic | * |
Ntfs-3g | Ubuntu | devel | * |
Ntfs-3g | Ubuntu | esm-infra-legacy/trusty | * |
Ntfs-3g | Ubuntu | precise/esm | * |
Ntfs-3g | Ubuntu | trusty | * |
Ntfs-3g | Ubuntu | trusty/esm | * |
Ntfs-3g | Ubuntu | upstream | * |
Ntfs-3g | Ubuntu | xenial | * |