Headline
Ubuntu Security Notice USN-6970-1
Ubuntu Security Notice 6970-1 - It was discovered that exfatprogs incorrectly handled certain memory operations. If a user or automated system were tricked into handling specially crafted exfat partitions, a remote attacker could use this issue to cause exfatprogs to crash, resulting in a denial of service, or possibly execute arbitrary code.
==========================================================================Ubuntu Security Notice USN-6970-1August 20, 2024exfatprogs vulnerability==========================================================================A security issue affects these releases of Ubuntu and its derivatives:- Ubuntu 22.04 LTSSummary:exfatprogs could be made to crash or run programs if it handled a speciallycrafted partition.Software Description:- exfatprogs: tools to create, check and label exFAT filesystemsDetails:It was discovered that exfatprogs incorrectly handled certain memoryoperations. If a user or automated system were tricked into handlingspecially crafted exfat partitions, a remote attacker could use this issueto cause exfatprogs to crash, resulting in a denial of service, or possiblyexecute arbitrary code.Update instructions:The problem can be corrected by updating your system to the followingpackage versions:Ubuntu 22.04 LTS exfatprogs 1.1.3-1ubuntu0.1In general, a standard system update will make all the necessary changes.References: https://ubuntu.com/security/notices/USN-6970-1 CVE-2023-45897Package Information: https://launchpad.net/ubuntu/+source/exfatprogs/1.1.3-1ubuntu0.1
Related news
Red Hat Security Advisory 2024-2437-03
Red Hat Security Advisory 2024-2437-03 - An update for exfatprogs is now available for Red Hat Enterprise Linux 9.
CVE-2023-45897: fsck: fix out-of-bounds memory access · exfatprogs/exfatprogs@22d0e43
exfatprogs before 1.2.2 allows out-of-bounds memory access, such as in read_file_dentry_set.