Unrated severityNVD Advisory· Published May 26, 2022· Updated Dec 2, 2025
CVE-2022-30784
CVE-2022-30784
Description
A crafted NTFS image can cause heap exhaustion in ntfs_get_attribute_value in NTFS-3G through 2021.8.22.
Affected products
137- NTFS-3G/NTFS-3Gdescription
- osv-coords136 versionspkg:rpm/almalinux/hivexpkg:rpm/almalinux/hivex-develpkg:rpm/almalinux/libguestfspkg:rpm/almalinux/libguestfs-appliancepkg:rpm/almalinux/libguestfs-bash-completionpkg:rpm/almalinux/libguestfs-develpkg:rpm/almalinux/libguestfs-gfs2pkg:rpm/almalinux/libguestfs-gobjectpkg:rpm/almalinux/libguestfs-gobject-develpkg:rpm/almalinux/libguestfs-inspect-iconspkg:rpm/almalinux/libguestfs-javapkg:rpm/almalinux/libguestfs-java-develpkg:rpm/almalinux/libguestfs-javadocpkg:rpm/almalinux/libguestfs-man-pages-japkg:rpm/almalinux/libguestfs-man-pages-ukpkg:rpm/almalinux/libguestfs-rescuepkg:rpm/almalinux/libguestfs-rsyncpkg:rpm/almalinux/libguestfs-toolspkg:rpm/almalinux/libguestfs-tools-cpkg:rpm/almalinux/libguestfs-winsupportpkg:rpm/almalinux/libguestfs-xfspkg:rpm/almalinux/libiscsipkg:rpm/almalinux/libiscsi-develpkg:rpm/almalinux/libiscsi-utilspkg:rpm/almalinux/libnbdpkg:rpm/almalinux/libnbd-bash-completionpkg:rpm/almalinux/libnbd-develpkg:rpm/almalinux/libtpmspkg:rpm/almalinux/libtpms-develpkg:rpm/almalinux/libvirtpkg:rpm/almalinux/libvirt-clientpkg:rpm/almalinux/libvirt-daemonpkg:rpm/almalinux/libvirt-daemon-config-networkpkg:rpm/almalinux/libvirt-daemon-config-nwfilterpkg:rpm/almalinux/libvirt-daemon-driver-interfacepkg:rpm/almalinux/libvirt-daemon-driver-networkpkg:rpm/almalinux/libvirt-daemon-driver-nodedevpkg:rpm/almalinux/libvirt-daemon-driver-nwfilterpkg:rpm/almalinux/libvirt-daemon-driver-qemupkg:rpm/almalinux/libvirt-daemon-driver-secretpkg:rpm/almalinux/libvirt-daemon-driver-storagepkg:rpm/almalinux/libvirt-daemon-driver-storage-corepkg:rpm/almalinux/libvirt-daemon-driver-storage-diskpkg:rpm/almalinux/libvirt-daemon-driver-storage-glusterpkg:rpm/almalinux/libvirt-daemon-driver-storage-iscsipkg:rpm/almalinux/libvirt-daemon-driver-storage-iscsi-directpkg:rpm/almalinux/libvirt-daemon-driver-storage-logicalpkg:rpm/almalinux/libvirt-daemon-driver-storage-mpathpkg:rpm/almalinux/libvirt-daemon-driver-storage-rbdpkg:rpm/almalinux/libvirt-daemon-driver-storage-scsipkg:rpm/almalinux/libvirt-daemon-kvmpkg:rpm/almalinux/libvirt-dbuspkg:rpm/almalinux/libvirt-develpkg:rpm/almalinux/libvirt-docspkg:rpm/almalinux/libvirt-libspkg:rpm/almalinux/libvirt-lock-sanlockpkg:rpm/almalinux/libvirt-nsspkg:rpm/almalinux/libvirt-wiresharkpkg:rpm/almalinux/lua-guestfspkg:rpm/almalinux/nbdfusepkg:rpm/almalinux/nbdkitpkg:rpm/almalinux/nbdkit-bash-completionpkg:rpm/almalinux/nbdkit-basic-filterspkg:rpm/almalinux/nbdkit-basic-pluginspkg:rpm/almalinux/nbdkit-curl-pluginpkg:rpm/almalinux/nbdkit-develpkg:rpm/almalinux/nbdkit-example-pluginspkg:rpm/almalinux/nbdkit-gzip-filterpkg:rpm/almalinux/nbdkit-gzip-pluginpkg:rpm/almalinux/nbdkit-linuxdisk-pluginpkg:rpm/almalinux/nbdkit-nbd-pluginpkg:rpm/almalinux/nbdkit-python-pluginpkg:rpm/almalinux/nbdkit-serverpkg:rpm/almalinux/nbdkit-ssh-pluginpkg:rpm/almalinux/nbdkit-tar-filterpkg:rpm/almalinux/nbdkit-tar-pluginpkg:rpm/almalinux/nbdkit-tmpdisk-pluginpkg:rpm/almalinux/nbdkit-vddk-pluginpkg:rpm/almalinux/nbdkit-xz-filterpkg:rpm/almalinux/netcfpkg:rpm/almalinux/netcf-develpkg:rpm/almalinux/netcf-libspkg:rpm/almalinux/ocaml-hivexpkg:rpm/almalinux/ocaml-hivex-develpkg:rpm/almalinux/ocaml-libguestfspkg:rpm/almalinux/ocaml-libguestfs-develpkg:rpm/almalinux/ocaml-libnbdpkg:rpm/almalinux/ocaml-libnbd-develpkg:rpm/almalinux/perl-hivexpkg:rpm/almalinux/perl-Sys-Guestfspkg:rpm/almalinux/perl-Sys-Virtpkg:rpm/almalinux/python3-hivexpkg:rpm/almalinux/python3-libguestfspkg:rpm/almalinux/python3-libnbdpkg:rpm/almalinux/python3-libvirtpkg:rpm/almalinux/qemu-guest-agentpkg:rpm/almalinux/qemu-imgpkg:rpm/almalinux/qemu-kvmpkg:rpm/almalinux/qemu-kvm-block-curlpkg:rpm/almalinux/qemu-kvm-block-glusterpkg:rpm/almalinux/qemu-kvm-block-iscsipkg:rpm/almalinux/qemu-kvm-block-rbdpkg:rpm/almalinux/qemu-kvm-block-sshpkg:rpm/almalinux/qemu-kvm-commonpkg:rpm/almalinux/qemu-kvm-corepkg:rpm/almalinux/qemu-kvm-docspkg:rpm/almalinux/qemu-kvm-hw-usbredirpkg:rpm/almalinux/qemu-kvm-testspkg:rpm/almalinux/qemu-kvm-ui-openglpkg:rpm/almalinux/qemu-kvm-ui-spicepkg:rpm/almalinux/ruby-hivexpkg:rpm/almalinux/ruby-libguestfspkg:rpm/almalinux/seabiospkg:rpm/almalinux/seabios-binpkg:rpm/almalinux/seavgabios-binpkg:rpm/almalinux/sgabiospkg:rpm/almalinux/sgabios-binpkg:rpm/almalinux/SLOFpkg:rpm/almalinux/superminpkg:rpm/almalinux/supermin-develpkg:rpm/almalinux/swtpmpkg:rpm/almalinux/swtpm-develpkg:rpm/almalinux/swtpm-libspkg:rpm/almalinux/swtpm-toolspkg:rpm/almalinux/swtpm-tools-pkcs11pkg:rpm/almalinux/virt-dibpkg:rpm/almalinux/virt-v2vpkg:rpm/almalinux/virt-v2v-bash-completionpkg:rpm/almalinux/virt-v2v-man-pages-japkg:rpm/almalinux/virt-v2v-man-pages-ukpkg:rpm/opensuse/ntfs-3g_ntfsprogs&distro=openSUSE%20Leap%2015.3pkg:rpm/opensuse/ntfs-3g_ntfsprogs&distro=openSUSE%20Leap%2015.4pkg:rpm/suse/ntfs-3g_ntfsprogs&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2012%20SP5pkg:rpm/suse/ntfs-3g_ntfsprogs&distro=SUSE%20Linux%20Enterprise%20Workstation%20Extension%2012%20SP5pkg:rpm/suse/ntfs-3g_ntfsprogs&distro=SUSE%20Linux%20Enterprise%20Workstation%20Extension%2015%20SP3pkg:rpm/suse/ntfs-3g_ntfsprogs&distro=SUSE%20Linux%20Enterprise%20Workstation%20Extension%2015%20SP4
< 1.3.18-23.module_el8.6.0+2880+7d9e3703+ 135 more
- (no CPE)range: < 1.3.18-23.module_el8.6.0+2880+7d9e3703
- (no CPE)range: < 1.3.18-23.module_el8.6.0+3161+a07c0ea5
- (no CPE)range: < 1:1.44.0-9.module_el8.7.0+3493+5ed0bd1c.alma
- (no CPE)range: < 1:1.44.0-9.module_el8.7.0+3493+5ed0bd1c.alma
- (no CPE)range: < 1:1.44.0-9.module_el8.7.0+3493+5ed0bd1c.alma
- (no CPE)range: < 1:1.44.0-9.module_el8.7.0+3493+5ed0bd1c.alma
- (no CPE)range: < 1:1.44.0-9.module_el8.7.0+3493+5ed0bd1c.alma
- (no CPE)range: < 1:1.44.0-9.module_el8.7.0+3493+5ed0bd1c.alma
- (no CPE)range: < 1:1.44.0-9.module_el8.7.0+3493+5ed0bd1c.alma
- (no CPE)range: < 1:1.44.0-9.module_el8.7.0+3493+5ed0bd1c.alma
- (no CPE)range: < 1:1.44.0-9.module_el8.7.0+3493+5ed0bd1c.alma
- (no CPE)range: < 1:1.44.0-9.module_el8.7.0+3493+5ed0bd1c.alma
- (no CPE)range: < 1:1.44.0-9.module_el8.7.0+3493+5ed0bd1c.alma
- (no CPE)range: < 1:1.44.0-9.module_el8.7.0+3493+5ed0bd1c.alma
- (no CPE)range: < 1:1.44.0-9.module_el8.7.0+3493+5ed0bd1c.alma
- (no CPE)range: < 1:1.44.0-9.module_el8.7.0+3493+5ed0bd1c.alma
- (no CPE)range: < 1:1.44.0-9.module_el8.7.0+3493+5ed0bd1c.alma
- (no CPE)range: < 1:1.44.0-9.module_el8.7.0+3493+5ed0bd1c.alma
- (no CPE)range: < 1:1.44.0-9.module_el8.7.0+3493+5ed0bd1c.alma
- (no CPE)range: < 9.2-1.el9
- (no CPE)range: < 1:1.44.0-9.module_el8.7.0+3493+5ed0bd1c.alma
- (no CPE)range: < 1.18.0-8.module_el8.6.0+2880+7d9e3703
- (no CPE)range: < 1.18.0-8.module_el8.6.0+2880+7d9e3703
- (no CPE)range: < 1.18.0-8.module_el8.6.0+2880+7d9e3703
- (no CPE)range: < 1.6.0-5.module_el8.6.0+2880+7d9e3703
- (no CPE)range: < 1.6.0-5.module_el8.6.0+2880+7d9e3703
- (no CPE)range: < 1.6.0-5.module_el8.6.0+3161+a07c0ea5
- (no CPE)range: < 0.9.1-2.20211126git1ff6fe1f43.module_el8.8.0+3553+bd08596b
- (no CPE)range: < 0.9.1-2.20211126git1ff6fe1f43.module_el8.8.0+3553+bd08596b
- (no CPE)range: < 8.0.0-19.module_el8.8.0+3553+bd08596b
- (no CPE)range: < 8.0.0-19.module_el8.8.0+3553+bd08596b
- (no CPE)range: < 8.0.0-19.module_el8.8.0+3553+bd08596b
- (no CPE)range: < 8.0.0-19.module_el8.8.0+3553+bd08596b
- (no CPE)range: < 8.0.0-19.module_el8.8.0+3553+bd08596b
- (no CPE)range: < 8.0.0-19.module_el8.8.0+3553+bd08596b
- (no CPE)range: < 8.0.0-19.module_el8.8.0+3553+bd08596b
- (no CPE)range: < 8.0.0-19.module_el8.8.0+3553+bd08596b
- (no CPE)range: < 8.0.0-19.module_el8.8.0+3553+bd08596b
- (no CPE)range: < 8.0.0-19.module_el8.8.0+3553+bd08596b
- (no CPE)range: < 8.0.0-19.module_el8.8.0+3553+bd08596b
- (no CPE)range: < 8.0.0-19.module_el8.8.0+3553+bd08596b
- (no CPE)range: < 8.0.0-19.module_el8.8.0+3553+bd08596b
- (no CPE)range: < 8.0.0-19.module_el8.8.0+3553+bd08596b
- (no CPE)range: < 8.0.0-19.module_el8.8.0+3553+bd08596b
- (no CPE)range: < 8.0.0-19.module_el8.8.0+3553+bd08596b
- (no CPE)range: < 8.0.0-19.module_el8.8.0+3553+bd08596b
- (no CPE)range: < 8.0.0-19.module_el8.8.0+3553+bd08596b
- (no CPE)range: < 8.0.0-19.module_el8.8.0+3553+bd08596b
- (no CPE)range: < 8.0.0-19.module_el8.8.0+3553+bd08596b
- (no CPE)range: < 8.0.0-19.module_el8.8.0+3553+bd08596b
- (no CPE)range: < 8.0.0-19.module_el8.8.0+3553+bd08596b
- (no CPE)range: < 1.3.0-2.module_el8.6.0+2880+7d9e3703
- (no CPE)range: < 8.0.0-19.module_el8.8.0+3553+bd08596b
- (no CPE)range: < 8.0.0-19.module_el8.8.0+3553+bd08596b
- (no CPE)range: < 8.0.0-19.module_el8.8.0+3553+bd08596b
- (no CPE)range: < 8.0.0-19.module_el8.8.0+3553+bd08596b
- (no CPE)range: < 8.0.0-19.module_el8.8.0+3553+bd08596b
- (no CPE)range: < 8.0.0-19.module_el8.8.0+3553+bd08596b
- (no CPE)range: < 1:1.44.0-9.module_el8.7.0+3493+5ed0bd1c.alma
- (no CPE)range: < 1.6.0-5.module_el8.6.0+3161+a07c0ea5
- (no CPE)range: < 1.24.0-5.module_el8.8.0+3485+7cffc4a3
- (no CPE)range: < 1.24.0-5.module_el8.8.0+3485+7cffc4a3
- (no CPE)range: < 1.24.0-5.module_el8.8.0+3485+7cffc4a3
- (no CPE)range: < 1.24.0-5.module_el8.8.0+3485+7cffc4a3
- (no CPE)range: < 1.24.0-5.module_el8.8.0+3485+7cffc4a3
- (no CPE)range: < 1.24.0-5.module_el8.8.0+3485+7cffc4a3
- (no CPE)range: < 1.24.0-5.module_el8.8.0+3485+7cffc4a3
- (no CPE)range: < 1.24.0-5.module_el8.8.0+3485+7cffc4a3
- (no CPE)range: < 1.24.0-5.module_el8.8.0+3485+7cffc4a3
- (no CPE)range: < 1.24.0-5.module_el8.8.0+3485+7cffc4a3
- (no CPE)range: < 1.24.0-5.module_el8.8.0+3485+7cffc4a3
- (no CPE)range: < 1.24.0-5.module_el8.8.0+3485+7cffc4a3
- (no CPE)range: < 1.24.0-5.module_el8.8.0+3485+7cffc4a3
- (no CPE)range: < 1.24.0-5.module_el8.8.0+3485+7cffc4a3
- (no CPE)range: < 1.24.0-5.module_el8.8.0+3485+7cffc4a3
- (no CPE)range: < 1.24.0-5.module_el8.8.0+3485+7cffc4a3
- (no CPE)range: < 1.24.0-5.module_el8.8.0+3485+7cffc4a3
- (no CPE)range: < 1.24.0-5.module_el8.8.0+3485+7cffc4a3
- (no CPE)range: < 1.24.0-5.module_el8.8.0+3485+7cffc4a3
- (no CPE)range: < 0.2.8-12.module_el8.6.0+2880+7d9e3703
- (no CPE)range: < 0.2.8-12.module_el8.6.0+3161+a07c0ea5
- (no CPE)range: < 0.2.8-12.module_el8.6.0+2880+7d9e3703
- (no CPE)range: < 1.3.18-23.module_el8.6.0+2880+7d9e3703
- (no CPE)range: < 1.3.18-23.module_el8.6.0+2880+7d9e3703
- (no CPE)range: < 1:1.44.0-9.module_el8.7.0+3493+5ed0bd1c.alma
- (no CPE)range: < 1:1.44.0-9.module_el8.7.0+3493+5ed0bd1c.alma
- (no CPE)range: < 1.6.0-5.module_el8.6.0+2880+7d9e3703
- (no CPE)range: < 1.6.0-5.module_el8.6.0+2880+7d9e3703
- (no CPE)range: < 1.3.18-23.module_el8.6.0+2880+7d9e3703
- (no CPE)range: < 1:1.44.0-9.module_el8.7.0+3493+5ed0bd1c.alma
- (no CPE)range: < 8.0.0-1.module_el8.6.0+2880+7d9e3703
- (no CPE)range: < 1.3.18-23.module_el8.6.0+2880+7d9e3703
- (no CPE)range: < 1:1.44.0-9.module_el8.7.0+3493+5ed0bd1c.alma
- (no CPE)range: < 1.6.0-5.module_el8.6.0+2880+7d9e3703
- (no CPE)range: < 8.0.0-2.module_el8.7.0+3346+68867adb
- (no CPE)range: < 15:6.2.0-32.module_el8.8.0+3553+bd08596b
- (no CPE)range: < 15:6.2.0-32.module_el8.8.0+3553+bd08596b
- (no CPE)range: < 15:6.2.0-32.module_el8.8.0+3553+bd08596b
- (no CPE)range: < 15:6.2.0-32.module_el8.8.0+3553+bd08596b
- (no CPE)range: < 15:6.2.0-32.module_el8.8.0+3553+bd08596b
- (no CPE)range: < 15:6.2.0-32.module_el8.8.0+3553+bd08596b
- (no CPE)range: < 15:6.2.0-32.module_el8.8.0+3553+bd08596b
- (no CPE)range: < 15:6.2.0-32.module_el8.8.0+3553+bd08596b
- (no CPE)range: < 15:6.2.0-32.module_el8.8.0+3553+bd08596b
- (no CPE)range: < 15:6.2.0-32.module_el8.8.0+3553+bd08596b
- (no CPE)range: < 15:6.2.0-32.module_el8.8.0+3553+bd08596b
- (no CPE)range: < 15:6.2.0-32.module_el8.8.0+3553+bd08596b
- (no CPE)range: < 15:6.2.0-32.module_el8.8.0+3553+bd08596b
- (no CPE)range: < 15:6.2.0-32.module_el8.8.0+3553+bd08596b
- (no CPE)range: < 15:6.2.0-32.module_el8.8.0+3553+bd08596b
- (no CPE)range: < 1.3.18-23.module_el8.6.0+2880+7d9e3703
- (no CPE)range: < 1:1.44.0-9.module_el8.7.0+3493+5ed0bd1c.alma
- (no CPE)range: < 1.16.0-3.module_el8.7.0+3346+68867adb
- (no CPE)range: < 1.16.0-3.module_el8.7.0+3346+68867adb
- (no CPE)range: < 1.16.0-3.module_el8.7.0+3346+68867adb
- (no CPE)range: < 1:0.20170427git-3.module_el8.6.0+2880+7d9e3703
- (no CPE)range: < 1:0.20170427git-3.module_el8.6.0+2880+7d9e3703
- (no CPE)range: < 20210217-1.module_el8.6.0+2880+7d9e3703
- (no CPE)range: < 5.2.1-2.module_el8.7.0+3346+68867adb
- (no CPE)range: < 5.2.1-2.module_el8.7.0+3346+68867adb
- (no CPE)range: < 0.7.0-4.20211109gitb79fd91.module_el8.7.0+3346+68867adb
- (no CPE)range: < 0.7.0-4.20211109gitb79fd91.module_el8.7.0+3346+68867adb
- (no CPE)range: < 0.7.0-4.20211109gitb79fd91.module_el8.7.0+3346+68867adb
- (no CPE)range: < 0.7.0-4.20211109gitb79fd91.module_el8.7.0+3346+68867adb
- (no CPE)range: < 0.7.0-4.20211109gitb79fd91.module_el8.7.0+3346+68867adb
- (no CPE)range: < 1:1.44.0-9.module_el8.7.0+3493+5ed0bd1c.alma
- (no CPE)range: < 1:1.42.0-22.module_el8.8.0+3553+bd08596b
- (no CPE)range: < 1:1.42.0-22.module_el8.8.0+3553+bd08596b
- (no CPE)range: < 1:1.42.0-22.module_el8.8.0+3553+bd08596b
- (no CPE)range: < 1:1.42.0-22.module_el8.8.0+3553+bd08596b
- (no CPE)range: < 2022.5.17-150000.3.11.1
- (no CPE)range: < 2022.5.17-150000.3.11.1
- (no CPE)range: < 2022.5.17-5.12.1
- (no CPE)range: < 2022.5.17-5.12.1
- (no CPE)range: < 2022.5.17-150000.3.11.1
- (no CPE)range: < 2022.5.17-150000.3.11.1
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
8- lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7JPX6OUCQKZX4PN5DQPVDUFZCOOZUX7Z/mitrevendor-advisory
- lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ECDCISL24TYH4CTDFCUVF24WAKRSYF7F/mitrevendor-advisory
- lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FAXFYIJWT5SHHRNPOJETM77EIMJ6ZP6I/mitrevendor-advisory
- lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UEXHDCUSLJD2HSPMAAVZ5AWMPUOG6UI7/mitrevendor-advisory
- security.gentoo.org/glsa/202301-01mitrevendor-advisory
- www.debian.org/security/2022/dsa-5160mitrevendor-advisory
- lists.debian.org/debian-lts-announce/2022/06/msg00017.htmlmitremailing-list
- github.com/tuxera/ntfs-3g/security/advisories/GHSA-xchm-ph5h-hw4xmitre
News mentions
0No linked articles in our index yet.