Jann Horn discovered that NTFS-3G incorrectly filtered environment variables when using the modprobe utility. A local attacker could possibly use this issue to load arbitrary kernel modules.
{ "availability": "No subscription required", "binaries": [ { "binary_version": "1:2015.3.14AR.1-1ubuntu0.1", "binary_name": "ntfs-3g" }, { "binary_version": "1:2015.3.14AR.1-1ubuntu0.1", "binary_name": "ntfs-3g-dbg" }, { "binary_version": "1:2015.3.14AR.1-1ubuntu0.1", "binary_name": "ntfs-3g-dbgsym" }, { "binary_version": "1:2015.3.14AR.1-1ubuntu0.1", "binary_name": "ntfs-3g-dev" }, { "binary_version": "1:2015.3.14AR.1-1ubuntu0.1", "binary_name": "ntfs-3g-dev-dbgsym" }, { "binary_version": "1:2015.3.14AR.1-1ubuntu0.1", "binary_name": "ntfs-3g-udeb" }, { "binary_version": "1:2015.3.14AR.1-1ubuntu0.1", "binary_name": "ntfs-3g-udeb-dbgsym" } ] }