Integer Underflow (Wrap or Wraparound)

CVE-2022-30787

Medium

4.6/10

Summary

An integer underflow in fuse_lib_readdir enables arbitrary memory read operations in NTFS-3G through 2021.8.22 when using libfuse-lite.

Access Complexity: LOW
AccessVector: LOCAL
Authentication: NONE
Integrity Impact: PARTIAL
Confidentiality Impact: PARTIAL
Availability Impact: PARTIAL

CWE-191 - Integer Underflow (Wrap or Wraparound)

The product subtracts one value from another, such that the result is less than the minimum allowable integer value, which produces a value that is not equal to the correct result.

References

Advisory Timeline

Published May 26, 2022

Integer Underflow (Wrap or Wraparound)

CVE-2022-30787

Summary

CWE-191 - Integer Underflow (Wrap or Wraparound)

References

Advisory Timeline

ChainJacking

JetBrains IDE

KICS SaaS