Security
Headlines
HeadlinesLatestCVEs

Headline

Ubuntu Security Notice USN-6970-1

Ubuntu Security Notice 6970-1 - It was discovered that exfatprogs incorrectly handled certain memory operations. If a user or automated system were tricked into handling specially crafted exfat partitions, a remote attacker could use this issue to cause exfatprogs to crash, resulting in a denial of service, or possibly execute arbitrary code.

Packet Storm
#vulnerability#ubuntu#dos
==========================================================================Ubuntu Security Notice USN-6970-1August 20, 2024exfatprogs vulnerability==========================================================================A security issue affects these releases of Ubuntu and its derivatives:- Ubuntu 22.04 LTSSummary:exfatprogs could be made to crash or run programs if it handled a speciallycrafted partition.Software Description:- exfatprogs: tools to create, check and label exFAT filesystemsDetails:It was discovered that exfatprogs incorrectly handled certain memoryoperations. If a user or automated system were tricked into handlingspecially crafted exfat partitions, a remote attacker could use this issueto cause exfatprogs to crash, resulting in a denial of service, or possiblyexecute arbitrary code.Update instructions:The problem can be corrected by updating your system to the followingpackage versions:Ubuntu 22.04 LTS   exfatprogs                      1.1.3-1ubuntu0.1In general, a standard system update will make all the necessary changes.References:   https://ubuntu.com/security/notices/USN-6970-1   CVE-2023-45897Package Information:   https://launchpad.net/ubuntu/+source/exfatprogs/1.1.3-1ubuntu0.1

Related news

Red Hat Security Advisory 2024-2437-03

Red Hat Security Advisory 2024-2437-03 - An update for exfatprogs is now available for Red Hat Enterprise Linux 9.

CVE-2023-45897: fsck: fix out-of-bounds memory access · exfatprogs/exfatprogs@22d0e43

exfatprogs before 1.2.2 allows out-of-bounds memory access, such as in read_file_dentry_set.

Packet Storm: Latest News

CUPS IPP Attributes LAN Remote Code Execution