CVE-2019-9755

HIGH Year: 2019
CVSS v3 Score
7.0
High
CVSS v2 Score
4.4
Medium
Weakness Type
CWE-191
View all →

Vulnerability Description

An integer underflow issue exists in ntfs-3g 2017.3.23. A local attacker could potentially exploit this by running /bin/ntfs-3g with specially crafted arguments from a specially crafted directory to cause a heap buffer overflow, resulting in a crash or the ability to execute arbitrary code. In installations where /bin/ntfs-3g is a setuid-root binary, this could lead to a local escalation of privileges.

Related Vulnerabilities

CVE-2017-6313

HIGH
CVSS:7.1(High)

Integer underflow in the load_resources function in io-icns.c in gdk-pixbuf allows context-dependent attackers to cause a denial of service (out-of-bounds read and program crash) via a crafted image e...

CWE-1912017

CVE-2019-5459

HIGH
CVSS:7.1(High)

An Integer underflow in VLC Media Player versions < 3.0.7 leads to an out-of-band read.

CWE-1912019

CVE-2024-26208

HIGH
CVSS:7.2(High)

Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability

CWE-1912024

CVE-2021-1108

HIGH
CVSS:7.3(High)

NVIDIA Linux kernel distributions contain a vulnerability in FuSa Capture (VI/ISP), where integer underflow due to lack of input validation may lead to complete denial of service, partial integrity, a...

CWE-1912021

CVE-2022-30787

MEDIUM
CVSS:6.7(Medium)

An integer underflow in fuse_lib_readdir enables arbitrary memory read operations in NTFS-3G through 2021.8.22 when using libfuse-lite.

CWE-1912022

CVE-2023-39414

HIGH
CVSS:7.3(High)

Multiple integer underflow vulnerabilities exist in the LXT2 lxt2_rd_iter_radix shift operation functionality of GTKWave 3.3.115. A specially crafted .lxt2 file can lead to memory corruption. A victim...

CWE-1912023