In the Linux kernel, the following vulnerability has been resolved:
fs/ntfs3: Prevent integer overflow in hdrfirstde()
The "deoff" and "used" variables come from the disk so they both need to check. The problem is that on 32bit systems if they're both greater than UINTMAX - 16 then the check does work as intended because of an integer overflow.