Vulnerabilities > CVE-2021-35267 - Out-of-bounds Write vulnerability in multiple products

CVSS 7.8 - HIGH

Attack vector

LOCAL

Attack complexity

LOW

Privileges required

LOW

Confidentiality impact

HIGH

Integrity impact

HIGH

Availability impact

HIGH

local

low complexity

NVD

Published: 2021-09-07

Updated: 2023-11-07

Summary

NTFS-3G versions < 2021.8.22, a stack buffer overflow can occur when correcting differences in the MFT and MFTMirror allowing for code execution or escalation of privileges when setuid-root.

Vulnerable Configurations

Part	Description	Count
Application	Tuxera Tuxera Ntfs 3G - Tuxera Ntfs 3G 2009.1.1 Tuxera Ntfs 3G 2009.2.1 Tuxera Ntfs 3G 2009.3.8 Tuxera Ntfs 3G 2009.4.4 Tuxera Ntfs 3G 2009.11.14 Tuxera Ntfs 3G 2010.1.16 Tuxera Ntfs 3G 2010.3.6 Tuxera Ntfs 3G 2010.5.16 Tuxera Ntfs 3G 2010.5.22 Tuxera Ntfs 3G 2010.8.8 Tuxera Ntfs 3G 2010.10.2 Tuxera Ntfs 3G 2011.1.15 Tuxera Ntfs 3G 2011.4.12 Tuxera Ntfs 3G 2012.1.15 Tuxera Ntfs 3G 2013.1.13 Tuxera Ntfs 3G 2014.2.15 Tuxera Ntfs 3G 2015.3.14 Tuxera Ntfs 3G 2016.2.22 Tuxera Ntfs 3G 2017.3.23	20
OS	Debian Debian Debian Linux 9.0 Debian Debian Linux 10.0 Debian Debian Linux 11.0	3
OS	Fedoraproject Fedoraproject Fedora 33 Fedoraproject Fedora 35	2

Common Weakness Enumeration (CWE)

CWE-787 - Out-of-bounds Write

Summary

Vulnerable Configurations

Common Weakness Enumeration (CWE)

References