CVE-2022-1304

Опубликовано: 24 мар. 2022

Источник: redhat

CVSS3: 5.8

EPSS Низкий

Описание

An out-of-bounds read/write vulnerability was found in e2fsprogs 1.46.5. This issue leads to a segmentation fault and possibly arbitrary code execution via a specially crafted filesystem.

An out-of-bounds read/write vulnerability was found in e2fsprogs. This issue leads to a segmentation fault and possibly arbitrary code execution via a specially crafted filesystem.

Затронутые пакеты

Платформа	Пакет	Состояние	Рекомендация	Релиз
Red Hat Enterprise Linux 6	e2fsprogs	Out of support scope
Red Hat Enterprise Linux 7	e2fsprogs	Out of support scope
Red Hat Enterprise Linux 8	e2fsprogs	Fixed	RHSA-2022:7720	08.11.2022
Red Hat Enterprise Linux 9	e2fsprogs	Fixed	RHSA-2022:8361	15.11.2022
Red Hat Enterprise Linux 9	e2fsprogs	Fixed	RHSA-2022:8361	15.11.2022

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Moderate

Дефект:

CWE-125

Дефект:

CWE-787

https://bugzilla.redhat.com/show_bug.cgi?id=2069726e2fsprogs: out-of-bounds read/write via crafted filesystem

EPSS

Процентиль: 65%

0.00505

Низкий

5.8 Medium

CVSS3

Связанные уязвимости

CVE-2022-1304

CVSS3: 7.8

ubuntu

около 3 лет назад

An out-of-bounds read/write vulnerability was found in e2fsprogs 1.46.5. This issue leads to a segmentation fault and possibly arbitrary code execution via a specially crafted filesystem.

CVE-2022-1304

CVSS3: 7.8

nvd

около 3 лет назад

An out-of-bounds read/write vulnerability was found in e2fsprogs 1.46.5. This issue leads to a segmentation fault and possibly arbitrary code execution via a specially crafted filesystem.

CVE-2022-1304

CVSS3: 7.8

msrc

около 3 лет назад

Описание отсутствует

CVE-2022-1304

CVSS3: 7.8

debian

около 3 лет назад

An out-of-bounds read/write vulnerability was found in e2fsprogs 1.46. ...

SUSE-SU-2022:1718-1

suse-cvrf

около 3 лет назад

Security update for e2fsprogs

EPSS

Процентиль: 65%

0.00505

Низкий

5.8 Medium

CVSS3