CVE-2019-5094
Description
An exploitable code execution vulnerability exists in the quota file functionality of E2fsprogs 1.45.3. A specially crafted ext4 partition can cause an out-of-bounds write on the heap, resulting in code execution. An attacker can corrupt a partition to trigger this vulnerability.
Risk Information
Base Score
6.7
MODERATE
Vector
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
EPSS Score
Exploitation Probability
0.313
Associated Vulnerability
| Vulnerability | OS Platform |
|---|---|
| Multiple Vulnerabilities are affected in IBM Security Guardium 10.5 | Windows |
| Multiple Vulnerabilities are affected in IBM Security Guardium 10.6 | Windows |
| Multiple Vulnerabilities are affected in IBM Security Guardium 11.1 | Windows |
| Multiple Vulnerabilities are affected in IBM Security Guardium 11.2 | Windows |
| Multiple Vulnerabilities are affected in IBM Security Guardium 11.3 | Windows |
| Multiple Vulnerabilities are affected in IBM Security Guardium 11.0 | Windows |
| e2fsprogs security update(DSA-4535-1) e2fsprogs_1.43.4-2+deb9u1_i386.deb | Linux |
| e2fsprogs security update(DSA-4535-1) e2fsprogs_1.43.4-2+deb9u1_amd64.deb | Linux |
| e2fsprogs security update(DSA-4535-1) e2fsprogs_1.44.5-1+deb10u2_amd64.deb | Linux |
| (RHSA-2020:1913) e2fsprogs security, bug fix, and enhancement update e2fsprogs-1.45.4-3.el8.x86_64.rpm | Linux |
| (RHSA-2020:1913) e2fsprogs security, bug fix, and enhancement update e2fsprogs-debugsource-1.45.4-3.el8.i686.rpm | Linux |
| (RHSA-2020:1913) e2fsprogs security, bug fix, and enhancement update e2fsprogs-debugsource-1.45.4-3.el8.x86_64.rpm | Linux |
| (RHSA-2020:1913) e2fsprogs security, bug fix, and enhancement update e2fsprogs-devel-1.45.4-3.el8.i686.rpm | Linux |
| (RHSA-2020:1913) e2fsprogs security, bug fix, and enhancement update e2fsprogs-devel-1.45.4-3.el8.x86_64.rpm | Linux |
| (RHSA-2020:1913) e2fsprogs security, bug fix, and enhancement update e2fsprogs-libs-1.45.4-3.el8.i686.rpm | Linux |
| (RHSA-2020:1913) e2fsprogs security, bug fix, and enhancement update e2fsprogs-libs-1.45.4-3.el8.x86_64.rpm | Linux |
| (RHSA-2020:1913) e2fsprogs security, bug fix, and enhancement update libcom_err-1.45.4-3.el8.i686.rpm | Linux |
| (RHSA-2020:1913) e2fsprogs security, bug fix, and enhancement update libcom_err-1.45.4-3.el8.x86_64.rpm | Linux |
| (RHSA-2020:1913) e2fsprogs security, bug fix, and enhancement update libcom_err-devel-1.45.4-3.el8.i686.rpm | Linux |
| (RHSA-2020:1913) e2fsprogs security, bug fix, and enhancement update libcom_err-devel-1.45.4-3.el8.x86_64.rpm | Linux |
| (RHSA-2020:1913) e2fsprogs security, bug fix, and enhancement update libss-1.45.4-3.el8.i686.rpm | Linux |
| (RHSA-2020:1913) e2fsprogs security, bug fix, and enhancement update libss-1.45.4-3.el8.x86_64.rpm | Linux |
| (RHSA-2020:4011) e2fsprogs security and bug fix update e2fsprogs-1.42.9-19.el7.x86_64.rpm | Linux |
| (RHSA-2020:4011) e2fsprogs security and bug fix update e2fsprogs-devel-1.42.9-19.el7.i686.rpm | Linux |
| (RHSA-2020:4011) e2fsprogs security and bug fix update e2fsprogs-devel-1.42.9-19.el7.x86_64.rpm | Linux |
| (RHSA-2020:4011) e2fsprogs security and bug fix update e2fsprogs-libs-1.42.9-19.el7.i686.rpm | Linux |
| (RHSA-2020:4011) e2fsprogs security and bug fix update e2fsprogs-libs-1.42.9-19.el7.x86_64.rpm | Linux |
| (RHSA-2020:4011) e2fsprogs security and bug fix update e2fsprogs-static-1.42.9-19.el7.i686.rpm | Linux |
| (RHSA-2020:4011) e2fsprogs security and bug fix update e2fsprogs-static-1.42.9-19.el7.x86_64.rpm | Linux |
| (RHSA-2020:4011) e2fsprogs security and bug fix update libcom_err-1.42.9-19.el7.i686.rpm | Linux |
| (RHSA-2020:4011) e2fsprogs security and bug fix update libcom_err-1.42.9-19.el7.x86_64.rpm | Linux |
| (RHSA-2020:4011) e2fsprogs security and bug fix update libcom_err-devel-1.42.9-19.el7.i686.rpm | Linux |
| (RHSA-2020:4011) e2fsprogs security and bug fix update libcom_err-devel-1.42.9-19.el7.x86_64.rpm | Linux |
| (RHSA-2020:4011) e2fsprogs security and bug fix update libss-1.42.9-19.el7.i686.rpm | Linux |
| (RHSA-2020:4011) e2fsprogs security and bug fix update libss-1.42.9-19.el7.x86_64.rpm | Linux |
| (RHSA-2020:4011) e2fsprogs security and bug fix update libss-devel-1.42.9-19.el7.i686.rpm | Linux |
| (RHSA-2020:4011) e2fsprogs security and bug fix update libss-devel-1.42.9-19.el7.x86_64.rpm | Linux |
| (CESA-2020:1913) e2fsprogs security, bug fix, and enhancement update e2fsprogs-1.45.4-3.el8.x86_64.rpm | Linux |
| (CESA-2020:1913) e2fsprogs security, bug fix, and enhancement update e2fsprogs-devel-1.45.4-3.el8.i686.rpm | Linux |
| (CESA-2020:1913) e2fsprogs security, bug fix, and enhancement update e2fsprogs-devel-1.45.4-3.el8.x86_64.rpm | Linux |
| (CESA-2020:1913) e2fsprogs security, bug fix, and enhancement update e2fsprogs-libs-1.45.4-3.el8.i686.rpm | Linux |
| (CESA-2020:1913) e2fsprogs security, bug fix, and enhancement update e2fsprogs-libs-1.45.4-3.el8.x86_64.rpm | Linux |
| (CESA-2020:1913) e2fsprogs security, bug fix, and enhancement update libcom_err-1.45.4-3.el8.i686.rpm | Linux |
| (CESA-2020:1913) e2fsprogs security, bug fix, and enhancement update libcom_err-1.45.4-3.el8.x86_64.rpm | Linux |
| (CESA-2020:1913) e2fsprogs security, bug fix, and enhancement update libcom_err-devel-1.45.4-3.el8.i686.rpm | Linux |
| (CESA-2020:1913) e2fsprogs security, bug fix, and enhancement update libcom_err-devel-1.45.4-3.el8.x86_64.rpm | Linux |
| (CESA-2020:1913) e2fsprogs security, bug fix, and enhancement update libss-1.45.4-3.el8.i686.rpm | Linux |
| (CESA-2020:1913) e2fsprogs security, bug fix, and enhancement update libss-1.45.4-3.el8.x86_64.rpm | Linux |
| (CESA-2020:4011) e2fsprogs security and bug fix update e2fsprogs-1.42.9-19.el7.x86_64.rpm | Linux |
| (CESA-2020:4011) e2fsprogs security and bug fix update e2fsprogs-devel-1.42.9-19.el7.x86_64.rpm | Linux |
| (CESA-2020:4011) e2fsprogs security and bug fix update e2fsprogs-libs-1.42.9-19.el7.x86_64.rpm | Linux |
| (CESA-2020:4011) e2fsprogs security and bug fix update e2fsprogs-static-1.42.9-19.el7.x86_64.rpm | Linux |
| (CESA-2020:4011) e2fsprogs security and bug fix update libcom_err-1.42.9-19.el7.x86_64.rpm | Linux |
| (CESA-2020:4011) e2fsprogs security and bug fix update libcom_err-devel-1.42.9-19.el7.x86_64.rpm | Linux |
| (CESA-2020:4011) e2fsprogs security and bug fix update libss-1.42.9-19.el7.x86_64.rpm | Linux |
| (CESA-2020:4011) e2fsprogs security and bug fix update libss-devel-1.42.9-19.el7.x86_64.rpm | Linux |
| (RHSA-2020:4011)Moderate: security and bug fix update e2fsprogs-debuginfo-1.42.9-19.el7.i686.rpm | Linux |
| (RHSA-2020:4011)Moderate: security and bug fix update e2fsprogs-debuginfo-1.42.9-19.el7.x86_64.rpm | Linux |
| E2fsprogs update (ELSA-2020-4011) e2fsprogs-1.42.9-19.el7.x86_64.rpm | Linux |
| E2fsprogs-devel update (ELSA-2020-4011) e2fsprogs-devel-1.42.9-19.el7.i686.rpm | Linux |
| E2fsprogs-devel update (ELSA-2020-4011) e2fsprogs-devel-1.42.9-19.el7.x86_64.rpm | Linux |
| E2fsprogs-libs update (ELSA-2020-4011) e2fsprogs-libs-1.42.9-19.el7.i686.rpm | Linux |
| E2fsprogs-libs update (ELSA-2020-4011) e2fsprogs-libs-1.42.9-19.el7.x86_64.rpm | Linux |
| Libcom_err update (ELSA-2020-4011) libcom_err-1.42.9-19.el7.i686.rpm | Linux |
| Libcom_err update (ELSA-2020-4011) libcom_err-1.42.9-19.el7.x86_64.rpm | Linux |
| Libcom_err-devel update (ELSA-2020-4011) libcom_err-devel-1.42.9-19.el7.i686.rpm | Linux |
| Libcom_err-devel update (ELSA-2020-4011) libcom_err-devel-1.42.9-19.el7.x86_64.rpm | Linux |
| Libss update (ELSA-2020-4011) libss-1.42.9-19.el7.i686.rpm | Linux |
| Libss update (ELSA-2020-4011) libss-1.42.9-19.el7.x86_64.rpm | Linux |
| Out-of-bounds Write Vulnerability (CVE-2019-5094) | NCM |
Patch Details
No records foundReferences
https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234