Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 620
Alerts This Week
Warning Icon 1 620

Ubuntu 22.10: USN-5711-1 Critical: NTFS-3G Crash Threat

ubuntu
Calendar Grey November 2, 2022
Dist Ubuntu Esm H88
Keep updated on the recent NTFS-3G flaw affecting Ubuntu, as it poses significant risks to system stability and management.
NTFS-3G could be made to crash or run programs as an administrator if it mounted a specially crafted disk.

Summary

NTFS-3G could be made to crash or run programs as an administrator

if it mounted a specially crafted disk.

Software Description:

- ntfs-3g: read/write NTFS driver for FUSE

Details:

Yuchen Zeng and Eduardo Vela discovered that NTFS-3G incorrectly validated

certain NTFS metadata. A local attacker could possibly use this issue to

gain privileges.

Update Instructions

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 22.10:
   ntfs-3g                         1:2022.5.17-1ubuntu1.1

Ubuntu 22.04 LTS:
   ntfs-3g                         1:2021.8.22-3ubuntu1.2

Ubuntu 20.04 LTS:
   ntfs-3g                         1:2017.3.23AR.3-3ubuntu1.3

Ubuntu 18.04 LTS:
   ntfs-3g                         1:2017.3.23-2ubuntu0.18.04.5

In general, a standard system update will make all the necessary changes.

References

https://ubuntu.com/security/notices/USN-5711-1

CVE-2022-40284

Severity
critical
Lowest
Low
Medium
High
Critical

November 02, 2022

Package Information

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.