NTFS-3G: Remote code execution, possible privilege escalation

NTFS-3G: Remote code execution, possible privilege escalation A buffer overflow in NTFS-3g might allow local or remote attacker(s) to execute arbitrary code, or escalate privileges. ntfs-3g 2020-07-27 2020-07-27 717640 remote 2017.3.23-r3 2017.3.23-r3

NTFS-3G is a stable, full-featured, read-write NTFS driver for various operating systems.

An integer underflow issue exists in NTFS-3G which may cause a heap buffer overflow with crafted input.

A remote attacker may be able to execute arbitrary code while a local attacker may be able to escalate privileges.

There is no known workaround at this time.

All NTFS-3G users should upgrade to the latest version:


      # emerge --sync
      # emerge --ask --oneshot --verbose ">=sys-fs/ntfs3g-2017.3.23-r3"

CVE-2019-9755 sam_c sam_c