CVE-2015-8872
MEDIUM6.2EPSS 0.09%dosfstools - security update
發布日:2016/6/3修改日:2026/4/28
也稱為:DEBIAN-CVE-2015-8872
描述
The set_fat function in fat.c in dosfstools before 4.0 might allow attackers to corrupt a FAT12 filesystem or cause a denial of service (invalid memory read and crash) by writing an odd number of clusters to the third to last entry on a FAT12 filesystem, which triggers an "off-by-two error."
受影響套件(3)
- Debian/dosfstoolsfrom 0, < 4.0-1
- Debian/dosfstoolsfrom 0, < 3.0.27-1+deb8u1
- Debian/dosfstoolsfrom 0, < 3.0.13-1+deb7u1
CVSS 分數
| 來源 | 版本 | 嚴重程度 | 向量 |
|---|---|---|---|
| osv | CVSS 3.1 | MEDIUM6.2 | CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |