Yuchen Zeng and Eduardo Vela discovered a buffer overflow in NTFS-3G, a read-write NTFS driver for FUSE, due to incorrect validation of some of
the NTFS metadata. A local user can take advantage of this flaw for
local root privilege escalation.
For the stable distribution (bullseye), this problem has been fixed in
We recommend that you upgrade your ntfs-3g packages.