USN-8192-1

Details

Jeffrey Bencteux discovered that NTFS-3G incorrectly handled certain UTF-8 sequences. An attacker could use this issue to cause NTFS-3G to crash, resulting in a denial of service, or to execute arbitrary code. This issue only affected Ubuntu 22.04 LTS and Ubuntu 24.04 LTS. (CVE-2023-52890)

Andrea Bocchetti discovered that NTFS-3G incorrectly handled certain security descriptors. An attacker could use this issue to cause NTFS-3G to crash, resulting in a denial of service, or to execute arbitrary code. (CVE-2026-40706)

Affected Packages

ntfs-3g

Ubuntu 22.04 LTS

Fixed in:

1:2021.8.22-3ubuntu1.3

ntfs-3g

Ubuntu 24.04 LTS

Fixed in:

1:2022.10.3-1.2ubuntu3.1

ntfs-3g

Ubuntu 25.10

Fixed in:

1:2022.10.3-5ubuntu0.25.10.1

References

ADVISORY

https://ubuntu.com/security/notices/USN-8192-1