Debian Bug report logs -
#941139
CVE-2019-5094: malicious fs can cause buffer overrun in e2fsck
Package:
src:e2fsprogs;
Maintainer for src:e2fsprogs is Theodore Y Ts'o <tytso@mitedu>;
Reported by: "Theodore Y Ts'o" <tytso@mitedu>
Date: Wed, 25 Sep 2019 15:42:01 UTC
Severity: grave
Tags: fixed-upstream, security, ...
e2fsprogs could be made to execute arbitrary code if it is running in
a crafted ext4 partition ...
e2fsprogs could be made to execute arbitrary code if it is
running in a crafted ext4 partition ...
Lilith of Cisco Talos discovered a buffer overflow flaw in the quota
code used by e2fsck from the ext2/ext3/ext4 file system utilities
Running e2fsck on a malformed file system can result in the execution of
arbitrary code
For the oldstable distribution (stretch), this problem has been fixed
in version 1434-2+deb9u1
For the stable distribution ...
Synopsis
Moderate: e2fsprogs security, bug fix, and enhancement update
Type/Severity
Security Advisory: Moderate
Topic
An update for e2fsprogs is now available for Red Hat Enterprise Linux 8Red Hat Product Security has rated this update as having a security impact of Moderate A Common Vulnerability Scorin ...
Synopsis
Moderate: e2fsprogs security and bug fix update
Type/Severity
Security Advisory: Moderate
Topic
An update for e2fsprogs is now available for Red Hat Enterprise Linux 7Red Hat Product Security has rated this update as having a security impact of Moderate A Common Vulnerability Scoring System (CVSS ...
Synopsis
Low: OpenShift Container Platform 4340 security and bug fix update
Type/Severity
Security Advisory: Low
Topic
An update is now available for Red Hat OpenShift Container Platform 43Red Hat Product Security has rated this update as having a security impact of Low A Common Vulnerability Scoring S ...
Synopsis
Moderate: security update - Red Hat Ansible Tower 36 runner release (CVE-2019-18874)
Type/Severity
Security Advisory: Moderate
Topic
Red Hat Ansible Tower 36 runner release (CVE-2019-18874)
Description
Updated python-psutil version to 566 inside ansible-runner container(CVE-20 ...
Synopsis
Important: Container-native Virtualization security, bug fix, and enhancement update
Type/Severity
Security Advisory: Important
Topic
Red Hat OpenShift Virtualization release 240 is now available with updates to packages and images that fix several bugs and add enhancementsRed Hat Product Securi ...
Synopsis
Moderate: security update - Red Hat Ansible Tower 37 runner release (CVE-2019-18874)
Type/Severity
Security Advisory: Moderate
Topic
Red Hat Ansible Tower 37 runner release (CVE-2019-18874)
Description
Updated python-psutil version to 566 inside ansible-runner container (CVE-2 ...
Synopsis
Moderate: OpenShift Container Platform 461 image security update
Type/Severity
Security Advisory: Moderate
Topic
An update is now available for Red Hat OpenShift Container Platform 46Red Hat Product Security has rated this update as having a security impact of Moderate A Common Vulnerability S ...
An exploitable code execution vulnerability exists in the quota file functionality of E2fsprogs 1453 A specially crafted ext4 partition can cause an out-of-bounds write on the heap, resulting in code execution An attacker can corrupt a partition to trigger this vulnerability (CVE-2019-5094)
A code execution vulnerability exists in the director ...
An exploitable code execution vulnerability exists in the quota file functionality of E2fsprogs 1453 A specially crafted ext4 partition can cause an out-of-bounds write on the heap, resulting in code execution An attacker can corrupt a partition to trigger this vulnerability (CVE-2019-5094)
A code execution vulnerability exists in the director ...