Gentoo Linux Security Advisory 201507-22 - A heap-based buffer overflow in e2fsprogs could result in execution of arbitrary code. Versions less than 1.42.13 are affected.
ddc8103bc71b08b45094bb3fe6afa051609d7d51323034812601d3b47eae2d13
Mandriva Linux Security Advisory 2015-068 - The libext2fs library, part of e2fsprogs and utilized by its utilities, is affected by a boundary check error on block group descriptor information, leading to a heap based buffer overflow. A specially crafted filesystem image can be used to trigger the vulnerability. This is due to an incomplete fix for CVE-2015-0247.
b547da908cb77286fbeb20f7ea69d2f1207a558ac6ff96033a398ae85fdf31e0
Mandriva Linux Security Advisory 2015-067 - The libext2fs library, part of e2fsprogs and utilized by its utilities, is affected by a boundary check error on block group descriptor information, leading to a heap based buffer overflow. A specially crafted filesystem image can be used to trigger the vulnerability. The libext2fs library, part of e2fsprogs and utilized by its utilities, is affected by a boundary check error on block group descriptor information, leading to a heap based buffer overflow. A specially crafted filesystem image can be used to trigger the vulnerability. This is due to an incomplete fix for CVE-2015-0247.
38751e11c91900e9c0695d3bf4ae0f4e529f2ae00cfb6443d6a315145ac890e0
Ubuntu Security Notice 2507-1 - Jose Duart discovered that e2fsprogs incorrectly handled invalid block group descriptor data. A local attacker could use this issue with a crafted filesystem image to possibly execute arbitrary code.
3de6d17500b7985ce0d6caf535a214a5195595178af020699e992b99fc08fd87
Debian Linux Security Advisory 3166-1 - Jose Duart of the Google Security Team discovered a buffer overflow in in e2fsprogs, a set of utilities for the ext2, ext3, and ext4 file systems. This issue can possibly lead to arbitrary code execution if a malicious device is plugged in, the system is configured to automatically mount it, and the mounting process chooses to run fsck on the device's malicious filesystem.
27227b3cac633bfc9c19baddb259253c2a9c639b7ddd345fada9860a5f161b0c