Kev tso tawm ntawm NTFS-3G 2022.5.17 qhov project, uas txhim kho tus tsav tsheb thiab cov txheej txheem kev siv hluav taws xob rau kev ua haujlwm nrog NTFS cov ntaub ntawv hauv cov neeg siv qhov chaw, tshem tawm 8 qhov tsis zoo uas tso cai rau koj los txhawb koj cov cai hauv lub cev. Cov teeb meem tshwm sim los ntawm qhov tsis muaj kev kuaj xyuas kom zoo thaum ua cov kab lus hais kom ua thiab thaum ua haujlwm nrog metadata ntawm NTFS partitions.
- CVE-2022-30783, CVE-2022-30785, CVE-2022-30787 - vulnerabilities nyob rau hauv NTFS-3G tsav tsheb compiled nrog lub built-in libfuse tsev qiv ntawv (libfuse-lite) los yog nrog lub libfuse2 system tsev qiv ntawv. Tus neeg tawm tsam tuaj yeem ua tiav cov cai tsis txaus siab nrog cov cai hauv paus los ntawm kev siv cov kab lus hais kom ua yog tias lawv nkag mus rau ntfs-3g cov ntaub ntawv ua tiav tau muab nrog tus chij suid hauv paus. Ib qho qauv ua haujlwm ntawm kev siv dag zog tau ua rau pom qhov tsis zoo.
- CVE-2021-46790, CVE-2022-30784, CVE-2022-30786, CVE-2022-30788, CVE-2022-30789 - vulnerabilities nyob rau hauv cov metadata parsing code nyob rau hauv NTFS vim partitions, ua rau ib tug buffer rau ib tug buffer kuaj. Kev tawm tsam tuaj yeem ua tiav thaum ua tiav NTFS-3G muab faib npaj los ntawm tus neeg tawm tsam. Piv txwv li, thaum tus neeg siv tau teeb tsa lub tsav npaj los ntawm tus neeg tawm tsam, lossis thaum tus neeg tawm tsam tsis muaj cai nkag mus rau hauv lub system. Yog tias lub kaw lus tau teeb tsa kom tau txais NTFS partitions ntawm cov tsav sab nraud, txhua yam nws yuav siv los tua yog txuas lub USB Flash nrog qhov tshwj xeeb tsim muab faib rau lub computer. Kev ua haujlwm ntawm kev ua haujlwm rau cov kev tsis zoo no tseem tsis tau pom dua.
Tau qhov twg los: opennet.ru