Vulnerabilities (CVE)

Filtered by vendor E2fsprogs Project Subscribe

Filtered by product E2fsprogs

CVSS v3 Filter

ALL

NONE (0.0) LOW (0.1 - 3.9) MEDIUM (4.0 - 6.9) HIGH (7.0 - 8.9) CRITICAL (9.0 - 10.0)

Search

Total 2 CVE

CVE	Vendors	Products	Updated	CVSS v2	CVSS v3
CVE-2019-5094	5 Canonical, Debian, E2fsprogs Project and 2 more	6 Ubuntu Linux, Debian Linux, E2fsprogs and 3 more	2022-06-27	4.6 MEDIUM	6.7 MEDIUM
An exploitable code execution vulnerability exists in the quota file functionality of E2fsprogs 1.45.3. A specially crafted ext4 partition can cause an out-of-bounds write on the heap, resulting in code execution. An attacker can corrupt a partition to trigger this vulnerability.
CVE-2019-5188	6 Canonical, Debian, E2fsprogs Project and 3 more	8 Ubuntu Linux, Debian Linux, E2fsprogs and 5 more	2022-05-12	4.4 MEDIUM	6.7 MEDIUM
A code execution vulnerability exists in the directory rehashing functionality of E2fsprogs e2fsck 1.45.4. A specially crafted ext4 directory can cause an out-of-bounds write on the stack, resulting in code execution. An attacker can corrupt a partition to trigger this vulnerability.