ELA-138-1 ntfs-3g security update

fix for heap buffer overflow

2019-06-29
Packagentfs-3g
Version1:2012.1.15AR.5-2.1+deb7u4
Related CVEs CVE-2019-9755


A heap-based buffer overflow was discovered in NTFS-3G, a read-write NTFS driver for FUSE. A local user can take advantage of this flaw for local root privilege escalation.



For Debian 7 Wheezy, these problems have been fixed in version 1:2012.1.15AR.5-2.1+deb7u4.

We recommend that you upgrade your ntfs-3g packages.

Further information about Extended LTS security advisories can be found in the dedicated section of our website.