Описание
A code execution vulnerability exists in the directory rehashing functionality of E2fsprogs e2fsck 1.45.4. A specially crafted ext4 directory can cause an out-of-bounds write on the stack, resulting in code execution. An attacker can corrupt a partition to trigger this vulnerability.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat Enterprise Linux 5 | e2fsprogs | Out of support scope | ||
| Red Hat Enterprise Linux 6 | e2fsprogs | Out of support scope | ||
| Red Hat Enterprise Linux 7 | e2fsprogs | Fixed | RHSA-2020:4011 | 29.09.2020 |
| Red Hat Enterprise Linux 8 | e2fsprogs | Fixed | RHSA-2020:1913 | 28.04.2020 |
| Red Hat OpenShift Do | openshiftdo/odo-init-image-rhel7 | Fixed | RHSA-2021:0949 | 22.03.2021 |
Показывать по
Дополнительная информация
Статус:
7.5 High
CVSS3
Связанные уязвимости
A code execution vulnerability exists in the directory rehashing functionality of E2fsprogs e2fsck 1.45.4. A specially crafted ext4 directory can cause an out-of-bounds write on the stack, resulting in code execution. An attacker can corrupt a partition to trigger this vulnerability.
A code execution vulnerability exists in the directory rehashing functionality of E2fsprogs e2fsck 1.45.4. A specially crafted ext4 directory can cause an out-of-bounds write on the stack, resulting in code execution. An attacker can corrupt a partition to trigger this vulnerability.
A code execution vulnerability exists in the directory rehashing funct ...
7.5 High
CVSS3