Bug 1199978 (CVE-2022-30783)

Summary: VUL-0: CVE-2022-30783,CVE-2022-30784,CVE-2022-30785,CVE-2022-30786,CVE-2022-30787,CVE-2022-30788,CVE-2022-30789: ntfs-3g_ntfsprogs: 2022.5.17 release
Product: [Novell Products] SUSE Security Incidents Reporter: Carlos López <carlos.lopez>
Component: IncidentsAssignee: Security Team bot <security-team>
Status: RESOLVED FIXED QA Contact: Security Team bot <security-team>
Severity: Normal    
Priority: P3 - Medium CC: mgorse
Version: unspecified   
Target Milestone: ---   
Hardware: Other   
OS: Other   
URL: https://smash.suse.de/issue/333109/
Whiteboard: CVSSv3.1:SUSE:CVE-2022-30783:6.7:(AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H) CVSSv3.1:SUSE:CVE-2022-30784:6.4:(AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H) CVSSv3.1:SUSE:CVE-2022-30785:6.7:(AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H) CVSSv3.1:SUSE:CVE-2022-30786:6.4:(AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H) CVSSv3.1:SUSE:CVE-2022-30787:6.7:(AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H) CVSSv3.1:SUSE:CVE-2022-30788:6.4:(AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H) CVSSv3.1:SUSE:CVE-2022-30789:6.4:(AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H)
Found By: --- Services Priority:
Business Priority: Blocker: ---
Marketing QA Status: --- IT Deployment: ---

Description Carlos López 2022-05-27 12:11:33 UTC
Multiple security issues have been fixed in ntfs-3g version 2022.5.17:
 - CVE-2022-30783: An invalid return code in fuse_kern_mount enables intercepting of libfuse-lite protocol traffic between NTFS-3G and the kernel when using libfuse-lite.
 - CVE-2022-30784: A crafted NTFS image can cause heap exhaustion in ntfs_get_attribute_value.
 - CVE-2022-30785: A file handle created in fuse_lib_opendir, and later used in fuse_lib_readdir, enables arbitrary memory read and write operations when using libfuse-lite.
 - CVE-2022-30786: A crafted NTFS image can cause a heap-based buffer overflow in ntfs_names_full_collate.
 - CVE-2022-30787: An integer underflow in fuse_lib_readdir enables arbitrary memory read operations when using libfuse-lite.
 - CVE-2022-30788: A crafted NTFS image can cause a heap-based buffer overflow in ntfs_mft_rec_alloc.
 - CVE-2022-30789: A crafted NTFS image can cause a heap-based buffer overflow in ntfs_check_log_client_array.

Patches:
https://github.com/tuxera/ntfs-3g/compare/2021.8.22...2022.5.17
Comment 1 Carlos López 2022-05-27 12:12:20 UTC
(In reply to Carlos López from comment #0)
> Patches:
> https://github.com/tuxera/ntfs-3g/compare/2021.8.22...2022.5.17

These should also fix CVE-2021-46790 (bsc#1199139)
Comment 3 OBSbugzilla Bot 2022-05-29 20:40:04 UTC
This is an autogenerated message for OBS integration:
This bug (1199978) was mentioned in
https://build.opensuse.org/request/show/979742 Factory / ntfs-3g_ntfsprogs
Comment 6 Swamp Workflow Management 2022-08-17 19:15:26 UTC
SUSE-SU-2022:2835-1: An update that fixes 8 vulnerabilities is now available.

Category: security (important)
Bug References: 1199978
CVE References: CVE-2021-46790,CVE-2022-30783,CVE-2022-30784,CVE-2022-30785,CVE-2022-30786,CVE-2022-30787,CVE-2022-30788,CVE-2022-30789
JIRA References: 
Sources used:
openSUSE Leap 15.4 (src):    ntfs-3g_ntfsprogs-2022.5.17-150000.3.11.1
openSUSE Leap 15.3 (src):    ntfs-3g_ntfsprogs-2022.5.17-150000.3.11.1
SUSE Linux Enterprise Workstation Extension 15-SP4 (src):    ntfs-3g_ntfsprogs-2022.5.17-150000.3.11.1
SUSE Linux Enterprise Workstation Extension 15-SP3 (src):    ntfs-3g_ntfsprogs-2022.5.17-150000.3.11.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 7 Swamp Workflow Management 2022-08-17 19:16:06 UTC
SUSE-SU-2022:2836-1: An update that fixes 8 vulnerabilities is now available.

Category: security (important)
Bug References: 1199978
CVE References: CVE-2021-46790,CVE-2022-30783,CVE-2022-30784,CVE-2022-30785,CVE-2022-30786,CVE-2022-30787,CVE-2022-30788,CVE-2022-30789
JIRA References: 
Sources used:
SUSE Linux Enterprise Workstation Extension 12-SP5 (src):    ntfs-3g_ntfsprogs-2022.5.17-5.12.1
SUSE Linux Enterprise Software Development Kit 12-SP5 (src):    ntfs-3g_ntfsprogs-2022.5.17-5.12.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 8 Carlos López 2022-09-16 13:10:19 UTC
Done, closing.