Описание
In version 4.8.0 and earlier of The Sleuth Kit (TSK), there is a stack buffer overflow vulnerability in the YAFFS file timestamp parsing logic in yaffsfs_istat() in fs/yaffs.c.
Ссылки
- PatchThird Party Advisory
- Mailing ListThird Party Advisory
- Mailing ListThird Party Advisory
- PatchThird Party Advisory
- Mailing ListThird Party Advisory
- Mailing ListThird Party Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 4.8.0 (включая)
cpe:2.3:a:sleuthkit:the_sleuth_kit:*:*:*:*:*:*:*:*
Конфигурация 2
Одно из
cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
Конфигурация 3
Одно из
cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*
cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*
cpe:2.3:o:fedoraproject:fedora:32:*:*:*:*:*:*:*
EPSS
Процентиль: 80%
0.01411
Низкий
9.8 Critical
CVSS3
7.5 High
CVSS2
Дефекты
CWE-787
Связанные уязвимости
CVSS3: 9.8
ubuntu
почти 6 лет назад
In version 4.8.0 and earlier of The Sleuth Kit (TSK), there is a stack buffer overflow vulnerability in the YAFFS file timestamp parsing logic in yaffsfs_istat() in fs/yaffs.c.
CVSS3: 9.8
debian
почти 6 лет назад
In version 4.8.0 and earlier of The Sleuth Kit (TSK), there is a stack ...
CVSS3: 9.8
github
больше 3 лет назад
In version 4.8.0 and earlier of The Sleuth Kit (TSK), there is a stack buffer overflow vulnerability in the YAFFS file timestamp parsing logic in yaffsfs_istat() in fs/yaffs.c.
EPSS
Процентиль: 80%
0.01411
Низкий
9.8 Critical
CVSS3
7.5 High
CVSS2
Дефекты
CWE-787