As I demonstrated before, the same malformed file system structures can cause overflows/over-reads in independently developed software. Here is a recent example: a buffer overflow vulnerability found in 7-Zip — CVE-2023-52168. This vulnerability is similar to one previously discovered by me in the ntfsck tool (from the NTFS-3G driver) — CVE-2021-46790. And even more: a … Continue reading Vulnerabilities in 7-Zip and ntfs3