CVE-2016-4804

NameCVE-2016-4804
DescriptionThe read_boot function in boot.c in dosfstools before 4.0 allows attackers to cause a denial of service (crash) via a crafted filesystem, which triggers a heap-based buffer overflow in the (1) read_fat function or an out-of-bounds heap read in (2) get_fat function.
SourceCVE (at NVD; CERT, LWN, oss-sec, fulldisc, bugtraq, EDB, Metasploit, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, Mageia, GitHub code/issues, web search, more)
ReferencesDLA-2224-1, DLA-474-1
NVD severitylow

Vulnerable and fixed packages

The table below lists information on source packages.

Source PackageReleaseVersionStatus
dosfstools (PTS)stretch4.1-1fixed
buster4.1-2fixed
bullseye, sid4.2-1fixed

The information below is based on the following data on fixed versions.

PackageTypeReleaseFixed VersionUrgencyOriginDebian Bugs
dosfstoolssourcewheezy3.0.13-1+deb7u1DLA-474-1
dosfstoolssourcejessie3.0.27-1+deb8u1DLA-2224-1
dosfstoolssource(unstable)4.0-1

Notes

https://github.com/dosfstools/dosfstools/issues/25
https://github.com/dosfstools/dosfstools/issues/26
https://github.com/dosfstools/dosfstools/commit/e8eff147e9da1185f9afd5b25948153a3b97cf52

Search for package or bug name: Reporting problems