NTFS-3G: Privilege escalation — GLSA 201702-10

A vulnerability in NTFS-3G allows local users to gain root privileges.

Affected Packages

sys-fs/ntfs3g on all architectures
Affected versions < 2016.2.22-r2
Unaffected versions >= 2016.2.22-r2

Background

NTFS-3G is a stable, full-featured, read-write NTFS driver for various operating systems.

Description

The NTFS-3G driver does not properly clear environment variables before invoking mount or umount.

This flaw is similar to the vulnerability described in “GLSA-201701-19” and “GLSA-201603-04” referenced below but is now implemented in the NTFS-3G driver itself.

Impact

A local user could gain root privileges.

Workaround

There is no known workaround at this time. However, on Gentoo when the “suid” USE flag is not set (which is the default) an attacker cannot exploit the flaw.

Resolution

All NTFS-3G users should upgrade to the latest version:

 # emerge --sync
 # emerge --ask --oneshot --verbose ">=sys-fs/ntfs3g-2016.2.22-r2"
 

References

Release Date
February 19, 2017

Latest Revision
February 19, 2017: 1

Severity
normal

Exploitable
local

Bugzilla entries