Your submission was sent successfully! Close

CVE-2022-1304

Published: 14 April 2022

An out-of-bounds read/write vulnerability was found in e2fsprogs 1.46.5. This issue leads to a segmentation fault and possibly arbitrary code execution via a specially crafted filesystem.

Priority

Medium

CVSS 3 base score: 7.8

Status

Package Release Status
e2fsprogs
Launchpad, Ubuntu, Debian
bionic
Released (1.44.1-1ubuntu1.4)
focal
Released (1.45.5-2ubuntu1.1)
impish
Released (1.46.3-1ubuntu3.1)
jammy
Released (1.46.5-2ubuntu1.1)
trusty
Released (1.42.9-3ubuntu1.3+esm3)
upstream Pending

xenial
Released (1.42.13-1ubuntu1.2+esm1)
Patches:
upstream: https://git.kernel.org/pub/scm/fs/ext2/e2fsprogs.git/commit/?h=maint&id=ab51d587bb9b229b1fade1afd02e1574c1ba5c76