Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Sleuth Kit APFS Keybag Parser Out-of-Bounds Read
Vulnerability Description
The Sleuth Kit through 4.14.0 contains an out-of-bounds read vulnerability in the APFS filesystem keybag parser where the wrapped_key_parser class follows attacker-controlled length fields without bounds checking, causing heap reads past the allocated buffer. An attacker can craft a malicious APFS disk image that triggers information disclosure or crashes when processed by any Sleuth Kit tool that parses APFS volumes.
CVSS Information
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L
Vulnerability Type
跨界内存读
Vulnerability Title
The Sleuth Kit(TSK) 缓冲区错误漏洞
Vulnerability Description
The Sleuth Kit(TSK)是Brian Carrier个人开发者的一套数据取证工具集合。该工具能够分析FAT、NTFS、UFS等文件系统,并提供文件系统的详细信息。 The Sleuth Kit(TSK) 4.14.0及之前版本存在缓冲区错误漏洞,该漏洞源于越界读取,可能导致信息泄露或崩溃。
CVSS Information
N/A
Vulnerability Type
N/A