First published: Tue Feb 24 2015(Updated: )
Heap-based buffer overflow in closefs.c in the libext2fs library in e2fsprogs before 1.42.12 allows local users to execute arbitrary code by causing a crafted block group descriptor to be marked as dirty. NOTE: this vulnerability exists because of an incomplete fix for CVE-2015-0247.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
E2fsprogs Project E2fsprogs | <=1.42.11 | |
Debian Debian Linux | =7.0 | |
Canonical Ubuntu Linux | =10.04 | |
Canonical Ubuntu Linux | =12.04 | |
Canonical Ubuntu Linux | =14.04 | |
Canonical Ubuntu Linux | =14.10 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.