new file mode 100644
@@ -0,0 +1,32 @@
+From fb28eef6f1c26170566187c1ab7dc913a13ea43c Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?Jean-Pierre=20Andr=C3=A9?= <jean-pierre.andre@wanadoo.fr>
+Date: Tue, 10 May 2022 10:48:18 +0200
+Subject: [PATCH] Hardened the checking of directory offset requested by a
+ readdir
+
+When asked for the next directory entries, make sure the chunk offset
+is within valid values, otherwise return no more entries in chunk.
+
+CVE: CVE-2022-30785
+CVE: CVE-2022-30787
+Upstream-Status: Backport [http://archive.ubuntu.com/ubuntu/pool/main/n/ntfs-3g/ntfs-3g_2021.8.22-3ubuntu1.1.debian.tar.xz]
+Comment: No change in any hunk
+Signed-off-by: Omkar Patil <Omkar.Patil@kpit.com>
+
+---
+ libfuse-lite/fuse.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/libfuse-lite/fuse.c b/libfuse-lite/fuse.c
+index 6f9242b7..3d653e63 100644
+--- a/libfuse-lite/fuse.c
++++ b/libfuse-lite/fuse.c
+@@ -2223,7 +2223,7 @@ static void fuse_lib_readdir(fuse_req_t req, fuse_ino_t ino, size_t size,
+ }
+ }
+ if (dh->filled) {
+- if (off < dh->len) {
++ if ((off >= 0) && (off < dh->len)) {
+ if (off + size > dh->len)
+ size = dh->len - off;
+ } else
@@ -11,6 +11,7 @@ SRC_URI = "http://tuxera.com/opensource/ntfs-3g_ntfsprogs-${PV}.tgz \
file://CVE-2021-46790.patch \
file://CVE-2022-30783.patch \
file://CVE-2022-30784.patch \
+ file://CVE-2022-30785_30787.patch \
"
S = "${WORKDIR}/ntfs-3g_ntfsprogs-${PV}"