Arbitrary Memory Read and Write Vulnerability in NTFS-3G through 2021.8.22 with libfuse-lite

Arbitrary Memory Read and Write Vulnerability in NTFS-3G through 2021.8.22 with libfuse-lite

CVE-2022-30785 · MEDIUM Severity

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

A file handle created in fuse_lib_opendir, and later used in fuse_lib_readdir, enables arbitrary memory read and write operations in NTFS-3G through 2021.8.22 when using libfuse-lite.

Learn more about our Web Application Penetration Testing UK.