Vulnerabilities in the NTFS-3G driver that allow gaining root access on the system

The 2022.5.17 release of the NTFS-3G project, which develops a driver and a set of utilities for working with the NTFS file system in user space, fixes 8 vulnerabilities that allow privilege escalation on the system. The problems are caused by a lack of proper checks when processing command-line options and when working with metadata on NTFS partitions.

  • CVE-2022-30783, CVE-2022-30785, CVE-2022-30787: vulnerabilities in the NTFS-3G driver when built with the bundled libfuse-lite library or with the system libfuse2 library. An attacker can execute arbitrary code as root by manipulating command-line options, provided they have access to the ntfs-3g executable installed with the suid root flag. A prototype exploit has been demonstrated for these vulnerabilities.
  • CVE-2021-46790, CVE-2022-30784, CVE-2022-30786, CVE-2022-30788, CVE-2022-30789: vulnerabilities in the code that parses metadata on NTFS partitions, leading to a buffer overflow due to a lack of proper checks. The attack can be carried out when NTFS-3G processes a partition prepared by the attacker, for example when a user mounts a drive prepared by the attacker, or when the attacker has unprivileged local access to the system. If the system is configured to automatically mount NTFS partitions on external drives, connecting a USB flash drive with a specially crafted partition is enough for the attack. Working exploits for these vulnerabilities have not yet been presented.
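
An exposure check for the two conditions described above (a release older than 2022.5.17, and an ntfs-3g binary installed suid root), written as an added example that is not part of the original report or of the NTFS-3G project. The function names and verdict strings are hypothetical; the binary path and installed version are supplied by the caller.

```shell
#!/bin/sh
# Added example (not NTFS-3G project code). Function names and verdict
# strings are hypothetical; the caller supplies the path and version.
# Caveat: a distribution may backport the fixes without changing the
# upstream version string, so also check the vendor advisory.

FIXED_VERSION="2022.5.17"   # fixed release named in the report

# Keep only the leading YYYY.M.D part, dropping any vendor suffix.
normalize_version() {
    printf '%s\n' "$1" | sed 's/^\([0-9][0-9]*\.[0-9][0-9]*\.[0-9][0-9]*\).*$/\1/'
}

# version_lt A B: succeed when version A is older than version B.
version_lt() {
    a=$(normalize_version "$1"); b=$(normalize_version "$2")
    [ "$a" = "$b" ] && return 1
    oldest=$(printf '%s\n%s\n' "$a" "$b" | sort -t. -k1,1n -k2,2n -k3,3n | head -n 1)
    [ "$oldest" = "$a" ]
}

# Numeric owner uid of a file (third column of POSIX "ls -ln").
owner_uid() {
    ls -ln -- "$1" | awk 'NR==1 {print $3}'
}

# classify VERSION SETUID(0|1) OWNER_UID: print one verdict word.
classify() {
    if ! version_lt "$1" "$FIXED_VERSION"; then
        echo "fixed"
    elif [ "$2" = "1" ] && [ "$3" = "0" ]; then
        echo "vulnerable-suid-root"    # command-line option CVEs reachable locally
    else
        echo "vulnerable-mount-only"   # metadata CVEs apply to crafted partitions
    fi
}

# audit BINARY VERSION: probe the binary on disk, then classify it.
audit() {
    setuid=0
    [ -u "$1" ] && setuid=1
    classify "$2" "$setuid" "$(owner_uid "$1")"
}
```

Call it as `audit "$(command -v ntfs-3g)" <installed-version>`, taking the version from the package manager.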