CVE-2015-1572

EPSS 0.15%

e2fsprogs - security update

發布日:2015/2/24修改日:2026/4/28

也稱為:DEBIAN-CVE-2015-1572

描述

Heap-based buffer overflow in closefs.c in the libext2fs library in e2fsprogs before 1.42.12 allows local users to execute arbitrary code by causing a crafted block group descriptor to be marked as dirty. NOTE: this vulnerability exists because of an incomplete fix for CVE-2015-0247.

受影響套件(2)

Debian/e2fsprogsfrom 0, < 1.42.12-1.1
Debian/e2fsprogsfrom 0, < 1.41.12-4+deb6u2

參考連結(1)

ADVISORYhttps://security-tracker.debian.org/tracker/CVE-2015-1572