Debian: DSA-4971-1: ntfs-3g security update

Advisories


- -------------------------------------------------------------------------
Debian Security Advisory DSA-4971-1                   [email protected]
https://www.debian.org/security/                     Salvatore Bonaccorso
September 09, 2021                    https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : ntfs-3g
CVE ID         : CVE-2021-33285 CVE-2021-33286 CVE-2021-33287 CVE-2021-33289
                 CVE-2021-35266 CVE-2021-35267 CVE-2021-35268 CVE-2021-35269
                 CVE-2021-39251 CVE-2021-39252 CVE-2021-39253 CVE-2021-39254
                 CVE-2021-39255 CVE-2021-39256 CVE-2021-39257 CVE-2021-39258
                 CVE-2021-39259 CVE-2021-39260 CVE-2021-39261 CVE-2021-39262
                 CVE-2021-39263
Debian Bug     : 988386

Several vulnerabilities were discovered in NTFS-3G, a read-write NTFS
driver for FUSE. A local user can take advantage of these flaws for
local root privilege escalation.

For the oldstable distribution (buster), these problems have been fixed
in version 1:2017.3.23AR.3-3+deb10u1.

For the stable distribution (bullseye), these problems have been fixed in
version 1:2017.3.23AR.3-4+deb11u1.

We recommend that you upgrade your ntfs-3g packages.

For the detailed security status of ntfs-3g please refer to its security
tracker page at:
https://security-tracker.debian.org/tracker/ntfs-3g

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/

Mailing list: [email protected]

Debian: DSA-4971-1: ntfs-3g security update

September 9, 2021
Several vulnerabilities were discovered in NTFS-3G, a read-write NTFS driver for FUSE

Summary

For the oldstable distribution (buster), these problems have been fixed
in version 1:2017.3.23AR.3-3+deb10u1.

For the stable distribution (bullseye), these problems have been fixed in
version 1:2017.3.23AR.3-4+deb11u1.

We recommend that you upgrade your ntfs-3g packages.

For the detailed security status of ntfs-3g please refer to its security
tracker page at:
https://security-tracker.debian.org/tracker/ntfs-3g

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/

Mailing list: [email protected]

Severity
Several vulnerabilities were discovered in NTFS-3G, a read-write NTFS
driver for FUSE. A local user can take advantage of these flaws for
local root privilege escalation.

We use cookies to provide and improve our services. By using our site, you consent to our Cookie Policy.