FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

e2fsprogs -- potential buffer overflow in closefs()

Affected packages
e2fsprogs < 1.42.12_2

Details

VuXML ID 2a4bcd7d-bbb8-11e4-903c-080027ef73ec
Discovery 2015-02-06
Entry 2015-02-24

Theodore Ts'o reports:

On a carefully crafted filesystem that gets modified through tune2fs or debugfs, it is possible to trigger a buffer overrun when the file system is closed via closefs().

[source]

References

CVE Name CVE-2015-1572
URL http://git.kernel.org/cgit/fs/ext2/e2fsprogs.git/commit/?h=maint&id=49d0fe2a14f2a23da2fe299643379b8c1d37df73

Copyright © 2003-2005 Jacques Vidrine and contributors.
Please see the source of this document for full copyright information.