CVE-2022-19773 A use-after-free vulnerability was found in the Linux kernel (log_replay in fs/ntfs3/fslog[.]c for NTFS logs)

Preface: The NTFS3 component is not included in the 5.15 kernel of Manjaro. The ntfs3 is a kernel module. This module will be ready for use on version 5.15.2_rt19-1.Type “modinfo ntfs3” can let you know the ntfs3 installation status.

Background: The ext4 is better on Linux based systems because it is designed and built for Linux. NTFS, on the other hand, is designed and built for Windows. KDE Partition Manager has support for a large number of file systems, the most notable ones being NTFS, FAT, F2FS, and so on. Just like every other application of KDE, the Partition Manager is released under the GNU Public License, making it completely free to use and open-source.
NTFS3 is called NTFS3 because it fully implements the latest version 3.1 of NTFS file system specification. NTFS is unlikely to change in future, thus NTFS3 naming reflects that NTFS3 implements the latest revision of NTFS.
NTFS3 is fully functional NTFS Read-Write driver. The driver works with NTFS versions up to 3.1, normal/compressed/sparse files and journal replaying. File system type to use on mount is ‘ntfs3’.

  • This driver implements NTFS read/write support for normal, sparse and compressed files.
  • Supports native journal replaying;
  • Supports extended attributes

Vulnerability details: A use-after-free flaw was found in the Linux kernel in log_replay in fs/ntfs3/fslog.c in the NTFS journal. This flaw allows a local attacker to crash the system and leads to a kernel information leak problem. As the vendor has not provided other details yet. So it lure my interested to speculate. For details, please refer to the chart.

Solution: Upgrading to version 5.19-rc1 eliminates this vulnerability.

Related article: Please refer to the link for details

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.