DSA-3268 ntfs-3g - security update
|
System information
|
| |
|
|
Affected software |
Debian |
Description
|
Tavis Ormandy discovered that NTFS-3G, a read-write NTFS driver forFUSE, does not scrub the environment before executing mount or umountwith elevated privileges. A local user can take advantage of this flawto overwrite arbitrary files and gain elevated privileges by accessingdebugging features via the environment that would not normally be safefor unprivileged users.
More info:
https://www.debian.org/security/2015/dsa-3268 |
Standar resources
|
|
Property |
Value |
|
CVE |
CVE-2015-3202 and DSA-3268. |
