Jann Horn of Google Project Zero discovered that NTFS-3G, a read-write NTFS driver for FUSE, does not scrub the environment before executing modprobe with elevated privileges. Because modprobe then runs with those elevated privileges while inheriting environment variables set by the unprivileged caller, a local user can exploit this flaw to gain root privileges.
{ "availability": "No subscription required", "ubuntu_priority": "medium", "binaries": [ { "binary_version": "1:2015.3.14AR.1-1ubuntu0.1", "binary_name": "ntfs-3g" }, { "binary_version": "1:2015.3.14AR.1-1ubuntu0.1", "binary_name": "ntfs-3g-dbg" }, { "binary_version": "1:2015.3.14AR.1-1ubuntu0.1", "binary_name": "ntfs-3g-dbgsym" }, { "binary_version": "1:2015.3.14AR.1-1ubuntu0.1", "binary_name": "ntfs-3g-dev" }, { "binary_version": "1:2015.3.14AR.1-1ubuntu0.1", "binary_name": "ntfs-3g-dev-dbgsym" }, { "binary_version": "1:2015.3.14AR.1-1ubuntu0.1", "binary_name": "ntfs-3g-udeb" }, { "binary_version": "1:2015.3.14AR.1-1ubuntu0.1", "binary_name": "ntfs-3g-udeb-dbgsym" } ] }