References to Advisories, Solutions, and Tools

By selecting these links, you will be leaving NIST webspace. We have provided these links to other web sites because they may have information that would be of interest to you. No inferences should be drawn on account of other sites being referenced, or not, from this page. There may be other web sites that are more appropriate for your purpose. NIST does not necessarily endorse the views expressed, or concur with the facts presented on these sites. Further, NIST does not endorse any commercial products that may be mentioned on these sites. Please address comments about this page to [email protected].

Change History

In the Linux kernel, the following vulnerability has been resolved:

ntfs: check overflow when iterating ATTR_RECORDs

Kernel iterates over ATTR_RECORDs in mft record in ntfs_attr_find(). 
Because the ATTR_RECORDs are next to each other, kernel can get the next
ATTR_RECORD from end address of current ATTR_RECORD, through current
ATTR_RECORD length field.

The problem is that during iteration, when kernel calculates the end
address of current ATTR_RECORD, kernel may trigger an integer overflow bu

https://git.kernel.org/stable/c/45683723f6b53e39e8a4cec0894e61fd6ec71989

https://git.kernel.org/stable/c/5559eb5809353a83a40a1e4e7f066431c7b83020

https://git.kernel.org/stable/c/63095f4f3af59322bea984a6ae44337439348fe0

https://git.kernel.org/stable/c/785b2af9654b8beac55644e36da0085c5d776361

https://git.kernel.org/stable/c/86f36de14dce5802856bb7a5921d74439db00b64

https://git.kernel.org/stable/c/957732a09c3828267c2819d31c425aa793dd475b

https://git.kernel.org/stable/c/b612f924f296408d7d02fb4cd01218afd4ed7184

https://git.kernel.org/stable/c/b63ddb3ba61e2d3539f87e095c881e552bc45dab