A crafted NTFS image can cause a heap-based buffer overflow in ntfs_names_full_collate in NTFS-3G through 2021.8.22.
https://www.debian.org/security/2022/dsa-5160
https://security.gentoo.org/glsa/202301-01
https://lists.debian.org/debian-lts-announce/2022/06/msg00017.html
https://github.com/tuxera/ntfs-3g/security/advisories/GHSA-xchm-ph5h-hw4x