CVE-2021-39256: 
Alma Linux vulnerability analysis and mitigation

A heap-based buffer overflow vulnerability was discovered in NTFS-3G versions prior to 2021.8.22, specifically in the ntfsinodelookupbyname function. This vulnerability was identified in August 2021 and affected the NTFS-3G driver, which provides read-write NTFS support for various operating systems (Debian Security, Ubuntu Security).

The vulnerability is classified with a CVSS v3 score of 7.8 (High), with the following characteristics: Attack Vector: Local, Attack Complexity: Low, Privileges Required: Low, User Interaction: None, Scope: Unchanged, and Impact levels (Confidentiality, Integrity, Availability) all rated as High. The vulnerability specifically affects the ntfsinodelookupbyname function when processing crafted NTFS images (Ubuntu Security).

The vulnerability could allow a local attacker to potentially execute arbitrary privileged code if they have local access and the ntfs-3g binary is setuid root, or if they have physical access to an external port on a computer configured to run the ntfs-3g binary when external storage is connected. This could lead to local root privilege escalation (GitHub Advisory).

The vulnerability was patched in NTFS-3G version 2021.8.22. Users are strongly recommended to upgrade to this version or later. The fix includes improvements to defend against maliciously tampered NTFS partitions (NTFS-3G Release, GitHub Advisory).