Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Heap-based buffer overflow in closefs.c in the libext2fs library in e2fsprogs before 1.42.12 allows local users to execute arbitrary code by causing a crafted block group descriptor to be marked as dirty. NOTE: this vulnerability exists because of an incomplete fix for CVE-2015-0247.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
e2fsprogs libext2fs库基于堆的缓冲区溢出漏洞
Vulnerability Description
e2fsprogs(又名e2fs programs)是美国软件开发者曹子德(Theodore Y. Ts'o)所研发的一套用以维护ext2、ext3和ext4文件系统(是大多数Linux发行版默认的文件系统)的工具程序集。 e2fsprogs 1.42.11及之前版本的libext2fs库中的openfs.c文件存在基于堆的缓冲区溢出漏洞。本地攻击者可通过将特制的块组描述符标记为‘dirty’利用该漏洞执行任意代码。(注:该漏洞源于CNNVD-201502-189补丁的不完全修复)
CVSS Information
N/A
Vulnerability Type
N/A