CVE-2016-4804 — Improper Restriction of Operations within the Bounds of a Memory Buffer in Dosfstools

CWE-119 — Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-122 — Heap-based Buffer Overflow8 documents7 sources

Severity

6.2MEDIUMNVD

EPSS

0.1%

top 68.77%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Dosfstools Project Dosfstools Debian Dosfstools Canonical Ubuntu Linux +2 more

Timeline

PublishedJun 3

Latest updateMay 13

Description

The read_boot function in boot.c in dosfstools before 4.0 allows attackers to cause a denial of service (crash) via a crafted filesystem, which triggers a heap-based buffer overflow in the (1) read_fat function or an out-of-bounds heap read in (2) get_fat function.

CVSS vector

CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:HExploitability: 2.5 | Impact: 3.6

Affected Packages5 packages

▶debiandebian/dosfstools< dosfstools 4.0-1 (bookworm)

▶Debiandosfstools_project/dosfstools< 4.0-1+3

▶NVDdosfstools_project/dosfstools3.0.28

▶NVDopensuse/leap42.1

▶NVDopensuse/opensuse13.2

Also affects: Ubuntu Linux 12.04, 14.04, 15.10, 16.04

Patches

Patch: blog.fuzzing-project.org ↗Patch: github.com ↗Patch: github.com ↗

🔴Vulnerability Details

GHSA

GHSA-q73q-vv6v-g3cp: The read_boot function in boot↗2022-05-13

▶

OSV

CVE-2016-4804: The read_boot function in boot↗2016-06-03

▶

📋Vendor Advisories

Ubuntu

dosfstools vulnerabilities↗2016-05-31

▶

Red Hat

dosfstools: Heap-buffer-overflows in read_fat() and get_fat() functions↗2016-05-14

▶

Debian

CVE-2016-4804: dosfstools - The read_boot function in boot.c in dosfstools before 4.0 allows attackers to ca...↗2016

▶

💬Community

Bugzilla

CVE-2015-8872 CVE-2016-4804 dosfstools: various flaws [fedora-all]↗2016-05-19

▶

Bugzilla

CVE-2016-4804 dosfstools: Heap-buffer-overflows in read_fat() and get_fat() functions↗2016-05-17

▶