FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

e2fsprogs -- out-of-bounds read/write vulnerability

Affected packages
e2fsprogs < 1.46.5_1
e2fsprogs-nobootfsck < 1.46.5_1
e2fsprogs-roothardlinks < 1.46.5_1

Details

VuXML ID a58f3fde-e4e0-11ec-8340-2d623369b8b5
Discovery 2022-03-24
Entry 2022-06-05

Nils Bars reports:

During the processing of [a specially fuzzed disk image], an out-of-bounds write is triggered and causes a segmentation fault (SIGSEGV).

[source]

References

CVE Name CVE-2022-1304
URL https://bugzilla.redhat.com/show_bug.cgi?id=2068113
URL https://bugzilla.redhat.com/show_bug.cgi?id=2069726
URL https://lore.kernel.org/linux-ext4/20220421173148.20193-1-lczerner@redhat.com/T/#u

Copyright © 2003-2005 Jacques Vidrine and contributors.
Please see the source of this document for full copyright information.