vulnerability
Oracle Linux: CVE-2023-45897: ELSA-2024-2437: exfatprogs security update (MODERATE) (Multiple Advisories)
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 5 | (AV:L/AC:L/Au:S/C:N/I:C/A:N) | 10/28/2023 | 05/07/2024 | 11/27/2024 |
Severity
5
CVSS
(AV:L/AC:L/Au:S/C:N/I:C/A:N)
Published
10/28/2023
Added
05/07/2024
Modified
11/27/2024
Description
exfatprogs before 1.2.2 allows out-of-bounds memory access, such as in read_file_dentry_set.
A flaw was found in Exfatprogs, a userspace utility that contains all of the standard utilities for creating, fixing, and debugging the exfat filesystem in the linux system.This issue may allow out-of-bounds memory access such as in read_file_dentry_set. To exploit this vulnerability, the attacker must possess authorization with privileges granting basic user capabilities, and can achieve out-of-bounds memory access.
A flaw was found in Exfatprogs, a userspace utility that contains all of the standard utilities for creating, fixing, and debugging the exfat filesystem in the linux system.This issue may allow out-of-bounds memory access such as in read_file_dentry_set. To exploit this vulnerability, the attacker must possess authorization with privileges granting basic user capabilities, and can achieve out-of-bounds memory access.
Solution
oracle-linux-upgrade-exfatprogs
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.