Severity by source
Local delivery of a crafted image requires UI:R to mount; read-only memory leak yields C:L with no integrity or availability impact.
Lifecycle Timeline
1DescriptionCVE.org
In NTFS-3G through 2026.2.25, an out-of-bounds read exists in ntfs_ir_nill() in libntfs-3g/index.c that allows an attacker to read possibly confidential information in an ntfs-3g process by crafting a malicious NTFS image. This read operation is triggered by creation of a file with a crafted name.
AnalysisAI
Out-of-bounds read in NTFS-3G through version 2026.2.25 exposes ntfs-3g process memory when a maliciously crafted NTFS image is mounted and a file with a specially crafted name is created on it. The flaw in ntfs_ir_nill() within the index-handling code allows an attacker who controls the filesystem image to read data from the running ntfs-3g process that may include confidential in-memory contents. …
Unlock full vulnerability intelligence
- Risk assessment & exploitation conditions
- Attack chain visualization
- Remediation with exact patch versions
- Threat intelligence from 22 sources
- Personal watchlist & email alerts
Free forever · No credit card required
Attack ChainAIDerived
Hypothetical attack flow derived from CVE metadata
Vulnerability AssessmentAI
| Exploitation | The vulnerability is triggered specifically during the creation of a file with a crafted name on a mounted NTFS volume whose index structures have been pre-arranged in a malicious NTFS image. … Additional conditions and limiting factors are described in the full assessment. |
| Risk Assessment | No official CVSS score or vector is available for this CVE, so risk must be inferred from the description and context. … Full risk analysis with EPSS, KEV, and SSVC signal comparison available after sign-in. |
| Exploit Scenario | An attacker prepares a malicious NTFS disk image with a specially crafted directory index structure designed to trigger the out-of-bounds read in ntfs_ir_nill(). The image is delivered to the target via a USB drive, a network file share, or a downloaded disk image file. … |
| Remediation | The primary remediation is to upgrade to an NTFS-3G release newer than 2026.2.25 once a patched version is published by the upstream project or packaged by the relevant Linux distribution. … Detailed patch versions, workarounds, and compensating controls in full report. |
Threat intelligence, references, and detailed analysis are available after sign-in.
Same technique Buffer Overflow
View allShare
External POC / Exploit Code
Leaving vuln.today