CVE-2019-5188
Description
A code execution vulnerability exists in the directory rehashing functionality of E2fsprogs e2fsck 1.45.4. A specially crafted ext4 directory can cause an out-of-bounds write on the stack, resulting in code execution. An attacker can corrupt a partition to trigger this vulnerability.
Risk Information
Base Score
6.7
MODERATE
Vector
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
EPSS Score
Exploitation Probability
0.172
Associated Vulnerability
| Vulnerability | OS Platform |
|---|---|
| Multiple Vulnerabilities are affected in IBM Security Guardium 10.5 | Windows |
| Multiple Vulnerabilities are affected in IBM Security Guardium 10.6 | Windows |
| Multiple Vulnerabilities are affected in IBM Security Guardium 11.1 | Windows |
| Multiple Vulnerabilities are affected in IBM Security Guardium 11.2 | Windows |
| Multiple Vulnerabilities are affected in IBM Security Guardium 11.3 | Windows |
| Multiple Vulnerabilities are affected in IBM Security Guardium 11.0 | Windows |
| ext2/ext3/ext4 file system utilities (USN-4249-1) e2fsprogs_1.44.1-1ubuntu1.3_i386.deb | Linux |
| ext2/ext3/ext4 file system utilities (USN-4249-1) e2fsprogs_1.44.1-1ubuntu1.3_amd64.deb | Linux |
| ext2/ext3/ext4 file system utilities (USN-4249-1) e2fsprogs_1.44.6-1ubuntu0.2_i386.deb | Linux |
| ext2/ext3/ext4 file system utilities (USN-4249-1) e2fsprogs_1.44.6-1ubuntu0.2_amd64.deb | Linux |
| ext2/ext3/ext4 file system utilities (USN-4249-1) e2fsprogs_1.45.3-4ubuntu2.1_i386.deb | Linux |
| ext2/ext3/ext4 file system utilities (USN-4249-1) e2fsprogs_1.45.3-4ubuntu2.1_amd64.deb | Linux |
| ext2/ext3/ext4 file system utilities (USN-4249-1) e2fsprogs_1.42.13-1ubuntu1.2_i386.deb | Linux |
| ext2/ext3/ext4 file system utilities (USN-4249-1) e2fsprogs_1.42.13-1ubuntu1.2_amd64.deb | Linux |
| SUSE-SU-2020:0360-1(SUSE Linux Enterprise Desktop 12-SP4 ) e2fsprogs-1.43.8-3.11.1.x86_64.rpm | Linux |
| SUSE-SU-2020:0360-1(SUSE Linux Enterprise Desktop 12-SP4 ) e2fsprogs-debuginfo-1.43.8-3.11.1.x86_64.rpm | Linux |
| SUSE-SU-2020:0360-1(SUSE Linux Enterprise Desktop 12-SP4 ) e2fsprogs-debuginfo-32bit-1.43.8-3.11.1.x86_64.rpm | Linux |
| SUSE-SU-2020:0360-1(SUSE Linux Enterprise Desktop 12-SP4 ) e2fsprogs-debugsource-1.43.8-3.11.1.x86_64.rpm | Linux |
| SUSE-SU-2020:0360-1(SUSE Linux Enterprise Desktop 12-SP4 ) libcom_err2-1.43.8-3.11.1.x86_64.rpm | Linux |
| SUSE-SU-2020:0360-1(SUSE Linux Enterprise Desktop 12-SP4 ) libcom_err2-32bit-1.43.8-3.11.1.x86_64.rpm | Linux |
| SUSE-SU-2020:0360-1(SUSE Linux Enterprise Desktop 12-SP4 ) libcom_err2-debuginfo-1.43.8-3.11.1.x86_64.rpm | Linux |
| SUSE-SU-2020:0360-1(SUSE Linux Enterprise Desktop 12-SP4 ) libcom_err2-debuginfo-32bit-1.43.8-3.11.1.x86_64.rpm | Linux |
| SUSE-SU-2020:0360-1(SUSE Linux Enterprise Desktop 12-SP4 ) libext2fs2-1.43.8-3.11.1.x86_64.rpm | Linux |
| SUSE-SU-2020:0360-1(SUSE Linux Enterprise Desktop 12-SP4 ) libext2fs2-debuginfo-1.43.8-3.11.1.x86_64.rpm | Linux |
| (RHSA-2020:4011) e2fsprogs security and bug fix update e2fsprogs-1.42.9-19.el7.x86_64.rpm | Linux |
| (RHSA-2020:4011) e2fsprogs security and bug fix update e2fsprogs-devel-1.42.9-19.el7.i686.rpm | Linux |
| (RHSA-2020:4011) e2fsprogs security and bug fix update e2fsprogs-devel-1.42.9-19.el7.x86_64.rpm | Linux |
| (RHSA-2020:4011) e2fsprogs security and bug fix update e2fsprogs-libs-1.42.9-19.el7.i686.rpm | Linux |
| (RHSA-2020:4011) e2fsprogs security and bug fix update e2fsprogs-libs-1.42.9-19.el7.x86_64.rpm | Linux |
| (RHSA-2020:4011) e2fsprogs security and bug fix update e2fsprogs-static-1.42.9-19.el7.i686.rpm | Linux |
| (RHSA-2020:4011) e2fsprogs security and bug fix update e2fsprogs-static-1.42.9-19.el7.x86_64.rpm | Linux |
| (RHSA-2020:4011) e2fsprogs security and bug fix update libcom_err-1.42.9-19.el7.i686.rpm | Linux |
| (RHSA-2020:4011) e2fsprogs security and bug fix update libcom_err-1.42.9-19.el7.x86_64.rpm | Linux |
| (RHSA-2020:4011) e2fsprogs security and bug fix update libcom_err-devel-1.42.9-19.el7.i686.rpm | Linux |
| (RHSA-2020:4011) e2fsprogs security and bug fix update libcom_err-devel-1.42.9-19.el7.x86_64.rpm | Linux |
| (RHSA-2020:4011) e2fsprogs security and bug fix update libss-1.42.9-19.el7.i686.rpm | Linux |
| (RHSA-2020:4011) e2fsprogs security and bug fix update libss-1.42.9-19.el7.x86_64.rpm | Linux |
| (RHSA-2020:4011) e2fsprogs security and bug fix update libss-devel-1.42.9-19.el7.i686.rpm | Linux |
| (RHSA-2020:4011) e2fsprogs security and bug fix update libss-devel-1.42.9-19.el7.x86_64.rpm | Linux |
| (CESA-2020:4011) e2fsprogs security and bug fix update e2fsprogs-1.42.9-19.el7.x86_64.rpm | Linux |
| (CESA-2020:4011) e2fsprogs security and bug fix update e2fsprogs-devel-1.42.9-19.el7.x86_64.rpm | Linux |
| (CESA-2020:4011) e2fsprogs security and bug fix update e2fsprogs-libs-1.42.9-19.el7.x86_64.rpm | Linux |
| (CESA-2020:4011) e2fsprogs security and bug fix update e2fsprogs-static-1.42.9-19.el7.x86_64.rpm | Linux |
| (CESA-2020:4011) e2fsprogs security and bug fix update libcom_err-1.42.9-19.el7.x86_64.rpm | Linux |
| (CESA-2020:4011) e2fsprogs security and bug fix update libcom_err-devel-1.42.9-19.el7.x86_64.rpm | Linux |
| (CESA-2020:4011) e2fsprogs security and bug fix update libss-1.42.9-19.el7.x86_64.rpm | Linux |
| (CESA-2020:4011) e2fsprogs security and bug fix update libss-devel-1.42.9-19.el7.x86_64.rpm | Linux |
| (RHSA-2020:4011)Moderate: security and bug fix update e2fsprogs-debuginfo-1.42.9-19.el7.i686.rpm | Linux |
| (RHSA-2020:4011)Moderate: security and bug fix update e2fsprogs-debuginfo-1.42.9-19.el7.x86_64.rpm | Linux |
| E2fsprogs update (ELSA-2020-4011) e2fsprogs-1.42.9-19.el7.x86_64.rpm | Linux |
| E2fsprogs-devel update (ELSA-2020-4011) e2fsprogs-devel-1.42.9-19.el7.i686.rpm | Linux |
| E2fsprogs-devel update (ELSA-2020-4011) e2fsprogs-devel-1.42.9-19.el7.x86_64.rpm | Linux |
| E2fsprogs-libs update (ELSA-2020-4011) e2fsprogs-libs-1.42.9-19.el7.i686.rpm | Linux |
| E2fsprogs-libs update (ELSA-2020-4011) e2fsprogs-libs-1.42.9-19.el7.x86_64.rpm | Linux |
| Libcom_err update (ELSA-2020-4011) libcom_err-1.42.9-19.el7.i686.rpm | Linux |
| Libcom_err update (ELSA-2020-4011) libcom_err-1.42.9-19.el7.x86_64.rpm | Linux |
| Libcom_err-devel update (ELSA-2020-4011) libcom_err-devel-1.42.9-19.el7.i686.rpm | Linux |
| Libcom_err-devel update (ELSA-2020-4011) libcom_err-devel-1.42.9-19.el7.x86_64.rpm | Linux |
| Libss update (ELSA-2020-4011) libss-1.42.9-19.el7.i686.rpm | Linux |
| Libss update (ELSA-2020-4011) libss-1.42.9-19.el7.x86_64.rpm | Linux |
| Out-of-bounds Write Vulnerability (CVE-2019-5188) | NCM |
Patch Details
No records foundReferences
https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234