Skip to main content

NTFS-3G CVE-2026-42618

MEDIUM
2026-07-15 vendor:ubuntu
Share

Severity by source

vuln.today AI
8.1 HIGH

Local SUID binary invocable by any unprivileged user (AV:L, PR:N); single-byte heap overflow demands complex heap shaping (AC:H); SUID-root escalation changes execution scope (S:C) enabling full system compromise.

3.1 AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H
4.0 AV:L/AC:H/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H

Lifecycle Timeline

1
Analysis Generated
Jul 16, 2026 - 16:35 vuln.today

DescriptionCVE.org

In NTFS-3G through 2026.2.25, a heap buffer overflow exists in ntfs_decompress() in compress.c that allows an attacker to corrupt one byte of heap memory in the SUID-root ntfs-3g binary by crafting a malicious NTFS image. The overflow is triggered by reading the special crafted file.

AnalysisAI

Heap buffer overflow in NTFS-3G through 2026.2.25 allows a local attacker to corrupt one byte of heap memory within the SUID-root ntfs-3g binary by supplying a specially crafted NTFS image, triggering the flaw during decompression in ntfs_decompress() in compress.c. Because the binary executes with root privileges via the SUID mechanism, successful heap exploitation could yield full local privilege escalation to root from an unprivileged account. …

Unlock full vulnerability intelligence

  • Risk assessment & exploitation conditions
  • Attack chain visualization
  • Remediation with exact patch versions
  • Threat intelligence from 22 sources
  • Personal watchlist & email alerts

Free forever · No credit card required

Attack ChainAIDerived

Hypothetical attack flow derived from CVE metadata

Access
Obtain local unprivileged account
Delivery
Craft malicious compressed NTFS image
Exploit
Invoke SUID-root ntfs-3g with crafted image
Execution
Trigger ntfs_decompress() heap overflow
Persist
Corrupt heap memory via single-byte overflow
Impact
Achieve local privilege escalation to root

Vulnerability AssessmentAI

Exploitation Exploitation requires local access to the target system with at least an unprivileged user account; remote exploitation is not applicable based on available data. … Additional conditions and limiting factors are described in the full assessment.
Risk Assessment No CVSS vector or EPSS score was provided in the source data, so risk signals are inferred from the description alone. … Full risk analysis with EPSS, KEV, and SSVC signal comparison available after sign-in.
Exploit Scenario An unprivileged local attacker on a Linux system with ntfs-3g installed SUID-root creates a specially crafted NTFS filesystem image with malformed compressed data designed to overflow by one byte inside ntfs_decompress(). The attacker invokes ntfs-3g - directly or via a mount operation - to process the image, triggering the overflow in the root-privileged process and corrupting a targeted heap byte to manipulate heap metadata or an adjacent object. …
Remediation Patch available per vendor advisory - upgrade ntfs-3g to a version beyond 2026.2.25 using your distribution's package manager. … Detailed patch versions, workarounds, and compensating controls in full report.

Threat intelligence, references, and detailed analysis are available after sign-in.

Share

CVE-2026-42618 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy