CVE-2017-0358

ntfs-3g: Modprobe influence vulnerability via environment variables

CVSS 7.8 HIGHEPSS 2.3%CWE-269

Jann Horn of Google Project Zero discovered that NTFS-3G, a read-write NTFS driver for FUSE, does not scrub the environment before executing modprobe with elevated privileges. A local user can take advantage of this flaw for local root privilege escalation.

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Affected products

ntfs-3g · ntfs-3g

public PoCs found — 5

githubgithub.com/Wangsafz/cve-2017-0358.sh★ 0 cve_referencewww.exploit-db.com/exploits/41240/unverified cve_referencewww.exploit-db.com/exploits/41356/unverified exploitdbwww.exploit-db.com/exploits/41240unverified exploitdbwww.exploit-db.com/exploits/41356unverified

⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://marc.info/?l=oss-security&m=148594671929354&w=2 https://security.gentoo.org/glsa/201702-10 https://www.debian.org/security/2017/dsa-3780 https://www.exploit-db.com/exploits/41240/https://www.exploit-db.com/exploits/41356/http://www.openwall.com/lists/oss-security/2017/02/04/1 http://www.securityfocus.com/bid/95987