ALT-PU-2023-8413-1
Package exfatprogs updated to version 1.2.2-alt1 for branch p10 in task 335282.
Closed vulnerabilities
Published: 2023-10-29
Modified: 2024-11-21
Modified: 2024-11-21
CVE-2023-45897
exfatprogs before 1.2.2 allows out-of-bounds memory access, such as in read_file_dentry_set.
Severity: MEDIUM (5.5)
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
References:
- https://dfir.ru/2023/11/01/cve-2023-45897-a-vulnerability-in-the-linux-exfat-userspace-tools/
- https://dfir.ru/2023/11/01/cve-2023-45897-a-vulnerability-in-the-linux-exfat-userspace-tools/
- https://github.com/exfatprogs/exfatprogs/commit/22d0e43e8d24119cbfc6efafabb0dec6517a86c4
- https://github.com/exfatprogs/exfatprogs/commit/22d0e43e8d24119cbfc6efafabb0dec6517a86c4
- https://github.com/exfatprogs/exfatprogs/commit/4abc55e976573991e6a1117bb2b3711e59da07ae
- https://github.com/exfatprogs/exfatprogs/commit/4abc55e976573991e6a1117bb2b3711e59da07ae
- https://github.com/exfatprogs/exfatprogs/commit/ec78688e5fb5a70e13df82b4c0da1e6228d3ccdf
- https://github.com/exfatprogs/exfatprogs/commit/ec78688e5fb5a70e13df82b4c0da1e6228d3ccdf
- https://github.com/exfatprogs/exfatprogs/releases/tag/1.2.2
- https://github.com/exfatprogs/exfatprogs/releases/tag/1.2.2
- https://lists.debian.org/debian-lts-announce/2024/09/msg00003.html