← Retour aux CVEs
CVE-2015-0247
N/ADescription
Heap-based buffer overflow in openfs.c in the libext2fs library in e2fsprogs before 1.42.12 allows local users to execute arbitrary code via crafted block group descriptor data in a filesystem image.
Details CVE
Score CVSS v3.1N/A
Publie2/17/2015
Derniere modification4/12/2025
Sourcenvd
Observations honeypot0
Produits affectes
canonical:ubuntu_linuxdebian:debian_linuxe2fsprogs_project:e2fsprogsfedoraproject:fedora
Faiblesses (CWE)
CWE-119
References
http://advisories.mageia.org/MGASA-2015-0061.html(secalert@redhat.com)
http://git.kernel.org/cgit/fs/ext2/e2fsprogs.git/commit/?id=f66e6ce4(secalert@redhat.com)
http://lists.fedoraproject.org/pipermail/package-announce/2015-February/149434.html(secalert@redhat.com)
http://lists.fedoraproject.org/pipermail/package-announce/2015-March/150606.html(secalert@redhat.com)
http://lists.fedoraproject.org/pipermail/package-announce/2015-March/150805.html(secalert@redhat.com)
http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00019.html(secalert@redhat.com)
http://lists.opensuse.org/opensuse-updates/2015-06/msg00010.html(secalert@redhat.com)
http://packetstormsecurity.com/files/130283/e2fsprogs-Input-Sanitization.html(secalert@redhat.com)
http://www.debian.org/security/2015/dsa-3166(secalert@redhat.com)
http://www.mandriva.com/security/advisories?name=MDVSA-2015:045(secalert@redhat.com)
http://www.mandriva.com/security/advisories?name=MDVSA-2015:067(secalert@redhat.com)
http://www.ocert.org/advisories/ocert-2015-002.html(secalert@redhat.com)
http://www.securityfocus.com/archive/1/534633/100/0/threaded(secalert@redhat.com)
http://www.securityfocus.com/bid/72520(secalert@redhat.com)
http://www.ubuntu.com/usn/USN-2507-1(secalert@redhat.com)
https://bugzilla.redhat.com/show_bug.cgi?id=1187032(secalert@redhat.com)
https://exchange.xforce.ibmcloud.com/vulnerabilities/100740(secalert@redhat.com)
https://security.gentoo.org/glsa/201701-06(secalert@redhat.com)
http://advisories.mageia.org/MGASA-2015-0061.html(af854a3a-2127-422b-91ae-364da2661108)
http://git.kernel.org/cgit/fs/ext2/e2fsprogs.git/commit/?id=f66e6ce4(af854a3a-2127-422b-91ae-364da2661108)
http://lists.fedoraproject.org/pipermail/package-announce/2015-February/149434.html(af854a3a-2127-422b-91ae-364da2661108)
http://lists.fedoraproject.org/pipermail/package-announce/2015-March/150606.html(af854a3a-2127-422b-91ae-364da2661108)
http://lists.fedoraproject.org/pipermail/package-announce/2015-March/150805.html(af854a3a-2127-422b-91ae-364da2661108)
http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00019.html(af854a3a-2127-422b-91ae-364da2661108)
http://lists.opensuse.org/opensuse-updates/2015-06/msg00010.html(af854a3a-2127-422b-91ae-364da2661108)
http://packetstormsecurity.com/files/130283/e2fsprogs-Input-Sanitization.html(af854a3a-2127-422b-91ae-364da2661108)
http://www.debian.org/security/2015/dsa-3166(af854a3a-2127-422b-91ae-364da2661108)
http://www.mandriva.com/security/advisories?name=MDVSA-2015:045(af854a3a-2127-422b-91ae-364da2661108)
http://www.mandriva.com/security/advisories?name=MDVSA-2015:067(af854a3a-2127-422b-91ae-364da2661108)
http://www.ocert.org/advisories/ocert-2015-002.html(af854a3a-2127-422b-91ae-364da2661108)
http://www.securityfocus.com/archive/1/534633/100/0/threaded(af854a3a-2127-422b-91ae-364da2661108)
http://www.securityfocus.com/bid/72520(af854a3a-2127-422b-91ae-364da2661108)
http://www.ubuntu.com/usn/USN-2507-1(af854a3a-2127-422b-91ae-364da2661108)
https://bugzilla.redhat.com/show_bug.cgi?id=1187032(af854a3a-2127-422b-91ae-364da2661108)
https://exchange.xforce.ibmcloud.com/vulnerabilities/100740(af854a3a-2127-422b-91ae-364da2661108)
https://security.gentoo.org/glsa/201701-06(af854a3a-2127-422b-91ae-364da2661108)
Correlations IOC
Aucune correlation enregistree
This product uses data from the NVD API but is not endorsed or certified by the NVD.