new file mode 100644
@@ -0,0 +1,31 @@
+From 96412e28e5c7ac2d15f1cff8c825330bbb60976e Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?Jean-Pierre=20Andr=C3=A9?= <jean-pierre.andre@wanadoo.fr>
+Date: Tue, 10 May 2022 10:30:24 +0200
+Subject: [PATCH] Fixed possible out-of-buffer condition in ntfsck
+
+A bad usa_count could lead to an out-of-buffer condition. Just avoid
+the issue and report the error, still not fix it.
+
+CVE: CVE-2021-46790
+Upstream-Status: Backport [http://archive.ubuntu.com/ubuntu/pool/main/n/ntfs-3g/ntfs-3g_2021.8.22-3ubuntu1.1.debian.tar.xz]
+Comment: No change in any hunk
+Signed-off-by: Omkar Patil <Omkar.Patil@kpit.com>
+
+---
+ ntfsprogs/ntfsck.c | 3 ++-
+ 1 file changed, 2 insertions(+), 1 deletion(-)
+
+diff --git a/ntfsprogs/ntfsck.c b/ntfsprogs/ntfsck.c
+index d49f3f96..8c126411 100644
+--- a/ntfsprogs/ntfsck.c
++++ b/ntfsprogs/ntfsck.c
+@@ -616,7 +616,8 @@ static BOOL check_file_record(u8 *buffer, u16 buflen)
+
+ // Remove update seq & check it.
+ usa = *(u16*)(buffer+usa_ofs); // The value that should be at the end of every sector.
+- assert_u32_equal(usa_count-1, buflen/NTFS_BLOCK_SIZE, "USA length");
++ if (assert_u32_equal(usa_count-1, buflen/NTFS_BLOCK_SIZE, "USA length"))
++ return (1);
+ for (i=1;i<usa_count;i++) {
+ u16 *fixup = (u16*)(buffer+NTFS_BLOCK_SIZE*i-2); // the value at the end of the sector.
+ u16 saved_val = *(u16*)(buffer+usa_ofs+2*i); // the actual data value that was saved in the us array.
@@ -8,7 +8,9 @@ LIC_FILES_CHKSUM = "file://COPYING;md5=59530bdf33659b29e73d4adb9f9f6552 \
SRC_URI = "http://tuxera.com/opensource/ntfs-3g_ntfsprogs-${PV}.tgz \
file://0001-libntfs-3g-Makefile.am-fix-install-failed-while-host.patch \
-"
+ file://CVE-2021-46790.patch \
+ "
+
S = "${WORKDIR}/ntfs-3g_ntfsprogs-${PV}"
SRC_URI[md5sum] = "90da343e78877d388eb34cefae6799ae"
SRC_URI[sha256sum] = "55b883aa05d94b2ec746ef3966cb41e66bed6db99f22ddd41d1b8b94bb202efb"