Headline
CVE-2023-45897: fsck: fix out-of-bounds memory access · exfatprogs/exfatprogs@22d0e43
exfatprogs before 1.2.2 allows out-of-bounds memory access, such as in read_file_dentry_set.
Expand Up @@ -811,7 +811,7 @@ static int handle_dot_dotdot_filename(struct exfat_de_iter *iter, char *rename = NULL; __u16 hash; struct exfat_dentry *stream_de; int name_len, ret; int ret;
switch (num) { case 1: Expand Down Expand Up @@ -840,11 +840,11 @@ static int handle_dot_dotdot_filename(struct exfat_de_iter *iter, if (ret < 0) return ret;
ret >>= 1; memcpy(dentry->name_unicode, utf16_name, ENTRY_NAME_MAX * 2); name_len = exfat_utf16_len(utf16_name, ENTRY_NAME_MAX * 2); hash = exfat_calc_name_hash(iter->exfat, utf16_name, (int)name_len); hash = exfat_calc_name_hash(iter->exfat, utf16_name, ret); exfat_de_iter_get_dirty(iter, 1, &stream_de); stream_de->stream_name_len = (__u8)name_len; stream_de->stream_name_len = (__u8)ret; stream_de->stream_name_hash = cpu_to_le16(hash); }
Expand Down
Related news
Ubuntu Security Notice 6970-1 - It was discovered that exfatprogs incorrectly handled certain memory operations. If a user or automated system were tricked into handling specially crafted exfat partitions, a remote attacker could use this issue to cause exfatprogs to crash, resulting in a denial of service, or possibly execute arbitrary code.
Red Hat Security Advisory 2024-2437-03 - An update for exfatprogs is now available for Red Hat Enterprise Linux 9.