Your submission was sent successfully! Close

CVE-2015-0247

Published: 17 February 2015

Heap-based buffer overflow in openfs.c in the libext2fs library in e2fsprogs before 1.42.12 allows local users to execute arbitrary code via crafted block group descriptor data in a filesystem image.

Priority

Medium

Status

Package Release Status
e2fsprogs
Launchpad, Ubuntu, Debian
Upstream
Released (1.42.12-1)
Ubuntu 14.04 ESM (Trusty Tahr)
Released (1.42.9-3ubuntu1.2)
Patches:
Upstream: https://git.kernel.org/cgit/fs/ext2/e2fsprogs.git/commit/?id=f66e6ce4446738c2c7f43d41988a3eb73347e2f5