QwikSec

Security Database

CVE

CWE

Training

CVE-2015-1572

Published: Feb 24, 2015

Modified: Aug 6, 2024

PUBLISHED

Description

Heap-based buffer overflow in closefs.c in the libext2fs library in e2fsprogs before 1.42.12 allows local users to execute arbitrary code by causing a crafted block group descriptor to be marked as dirty. NOTE: this vulnerability exists because of an incomplete fix for CVE-2015-0247.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

vdb-entry

x_refsource_BID

FEDORA-2015-2511

vendor-advisory

x_refsource_FEDORA

vendor-advisory

x_refsource_DEBIAN

vendor-advisory

x_refsource_MANDRIVA

openSUSE-SU-2015:1006

vendor-advisory

x_refsource_SUSE

https://git.kernel.org/cgit/fs/ext2/e2fsprogs.git/commit/?id=49d0fe2a14f2a23da2fe299643379b8c1d37df73

x_refsource_CONFIRM

vendor-advisory

x_refsource_GENTOO

FEDORA-2015-2516

vendor-advisory

x_refsource_FEDORA

vendor-advisory

x_refsource_UBUNTU

http://advisories.mageia.org/MGASA-2015-0088.html

x_refsource_CONFIRM

openSUSE-SU-2015:1002

vendor-advisory

x_refsource_SUSE

vendor-advisory

x_refsource_MANDRIVA

SUSE-SU-2015:1103

vendor-advisory

x_refsource_SUSE

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.