MGASA-2015-0422

See a problem?
Please try reporting it to the source first.

Source

https://advisories.mageia.org/MGASA-2015-0422.html

Import Source

https://advisories.mageia.org/MGASA-2015-0422.json

JSON Data

https://api.osv.dev/v1/vulns/MGASA-2015-0422

Published

2015-11-02T20:21:29Z

Modified

2026-04-16T04:28:36.513643Z

Summary

Updated exfat-utils package fixes security vulnerabilities

Details

Fix heap overflow and endless loop in exfatfsck

exfat-utils is a collection of tools to work with the exFAT filesystem. Fuzzing the exfatfsck with american fuzzy lop led to the discovery of a write heap overflow and an endless loop.

Especially at risk are systems that are configured to run filesystem checks automatically on external devices like USB flash drives.

A malformed input can cause a write heap overflow in the function verifyvbrchecksum. It might be possible to use this for code execution.

Another malformed input can cause an endless loop, leading to a possible denial of service.

References

Credits

- Mageia - COORDINATOR
- - https://wiki.mageia.org/en/Packages_Security_Team

Affected packages

Mageia:5 / exfat-utils

Package

Name: exfat-utils
Purl: pkg:rpm/mageia/exfat-utils?arch=source&distro=mageia-5

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1.1.0-3.1.mga5

Ecosystem specific

{
    "section": "core"
}

Database specific

source

"https://advisories.mageia.org/MGASA-2015-0422.json"