vulnerability
Oracle Linux: CVE-2023-45897: ELSA-2024-2437: exfatprogs security update (MODERATE) (Multiple Advisories)
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 5 | (AV:L/AC:L/Au:S/C:N/I:C/A:N) | Oct 28, 2023 | May 7, 2024 | Nov 27, 2024 |
Severity
5
CVSS
(AV:L/AC:L/Au:S/C:N/I:C/A:N)
Published
Oct 28, 2023
Added
May 7, 2024
Modified
Nov 27, 2024
Description
exfatprogs before 1.2.2 allows out-of-bounds memory access, such as in read_file_dentry_set.
A flaw was found in Exfatprogs, a userspace utility that contains all of the standard utilities for creating, fixing, and debugging the exfat filesystem in the linux system.This issue may allow out-of-bounds memory access such as in read_file_dentry_set. To exploit this vulnerability, the attacker must possess authorization with privileges granting basic user capabilities, and can achieve out-of-bounds memory access.
A flaw was found in Exfatprogs, a userspace utility that contains all of the standard utilities for creating, fixing, and debugging the exfat filesystem in the linux system.This issue may allow out-of-bounds memory access such as in read_file_dentry_set. To exploit this vulnerability, the attacker must possess authorization with privileges granting basic user capabilities, and can achieve out-of-bounds memory access.
Solution
oracle-linux-upgrade-exfatprogs
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.