Debian Dosfstools vulnerabilities

CVE-2016-4804 [MEDIUM] CVE-2016-4804: dosfstools - The read_boot function in boot.c in dosfstools before 4.0 allows attackers to ca... The read_boot function in boot.c in dosfstools before 4.0 allows attackers to cause a denial of service (crash) via a crafted filesystem, which triggers a heap-based buffer overflow in the (1) read_fat function or an out-of-bounds heap read in (2) get_fat function. Scope: local bookworm: resolved (fixed in 4.0-1) bullseye: resolved (fixed in 4.0-1) forky: resolve

CVE-2015-8872 [MEDIUM] CVE-2015-8872: dosfstools - The set_fat function in fat.c in dosfstools before 4.0 might allow attackers to ... The set_fat function in fat.c in dosfstools before 4.0 might allow attackers to corrupt a FAT12 filesystem or cause a denial of service (invalid memory read and crash) by writing an odd number of clusters to the third to last entry on a FAT12 filesystem, which triggers an "off-by-two error." Scope: local bookworm: resolved (fixed in 4.0-1) bullseye: resolved (fix