e2fsprogs-1.42.9-19.el7
エラータID: AXSA:2020-637:03
The e2fsprogs packages provide a number of utilities for creating, checking, modifying, and correcting the ext2, ext3, and ext4 file systems.
Security Fix(es):
* e2fsprogs: Crafted ext4 partition leads to out-of-bounds write (CVE-2019-5094)
* e2fsprogs: Out-of-bounds write in e2fsck/rehash.c (CVE-2019-5188)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
CVE-2019-5094
An exploitable code execution vulnerability exists in the quota file functionality of E2fsprogs 1.45.3. A specially crafted ext4 partition can cause an out-of-bounds write on the heap, resulting in code execution. An attacker can corrupt a partition to trigger this vulnerability.
CVE-2019-5188
A code execution vulnerability exists in the directory rehashing functionality of E2fsprogs e2fsck 1.45.4. A specially crafted ext4 directory can cause an out-of-bounds write on the stack, resulting in code execution. An attacker can corrupt a partition to trigger this vulnerability.
Update packages.
An exploitable code execution vulnerability exists in the quota file functionality of E2fsprogs 1.45.3. A specially crafted ext4 partition can cause an out-of-bounds write on the heap, resulting in code execution. An attacker can corrupt a partition to trigger this vulnerability.
A code execution vulnerability exists in the directory rehashing functionality of E2fsprogs e2fsck 1.45.4. A specially crafted ext4 directory can cause an out-of-bounds write on the stack, resulting in code execution. An attacker can corrupt a partition to trigger this vulnerability.
N/A
SRPMS
- e2fsprogs-1.42.9-19.el7.src.rpm
MD5: ebf66d896145b9622fbb018d4e10afc3
SHA-256: ec02b2b35799e908553d1bdc83e39fec27c689b6abb525eb81dc7101697ccbd4
Size: 4.54 MB
Asianux Server 7 for x86_64
- e2fsprogs-1.42.9-19.el7.x86_64.rpm
MD5: 03b29a0ef0ae437c385b09ed5669ae0c
SHA-256: 1536e1f7ef5afb6821d1f1d950b600368ec62d4f7bc15f9e871d2770cb4c3cd9
Size: 699.61 kB - e2fsprogs-devel-1.42.9-19.el7.x86_64.rpm
MD5: 95a18582e9064f9b18e02ef7d55b6eb1
SHA-256: b4185b8fe7d81edd53a8522c3cf45fa6b8c21094dec323d171b56f29662fa3b9
Size: 71.86 kB - e2fsprogs-libs-1.42.9-19.el7.x86_64.rpm
MD5: 2fb54163342a71e1f1f28363aba8895b
SHA-256: 69253eb532a90ec15ab2f03b16494788de4795e4f3dfcfea872e085fc722378d
Size: 167.22 kB - libcom_err-1.42.9-19.el7.x86_64.rpm
MD5: 2bbcf9d27f2de5ef9e186ef543d195d7
SHA-256: 9399b6184674e65b47e0416dcafeec1ce449d94bc7189c6e30984557b08f446e
Size: 41.18 kB - libcom_err-devel-1.42.9-19.el7.x86_64.rpm
MD5: 5f809588904d23ab7514ab32652b24f4
SHA-256: 973f0ddc8078ce364c95e7cd9e645427e9a19dc412f94e53b48727ab4d600992
Size: 31.34 kB - libss-1.42.9-19.el7.x86_64.rpm
MD5: d8b3894ee108c899ea1ecf72eda2d584
SHA-256: 0457312e5f04d86c2e7362a4c4a3128b162c89fa3b8ba23bb59cea58f37dfc0c
Size: 45.79 kB - e2fsprogs-devel-1.42.9-19.el7.i686.rpm
MD5: 48b92bb6d88a97f13cb0db66daea64b3
SHA-256: e764db758b8f1c3102fb5af081955cf54e5ff26d9cf23b6b923bebda69bf3c3b
Size: 71.87 kB - e2fsprogs-libs-1.42.9-19.el7.i686.rpm
MD5: 68b7fa4c2289dd7de9bc796813329b6b
SHA-256: a5d973291095488f9cda83d01983b4f4ae9dabd9eea114f1ce37407f89705149
Size: 179.38 kB - libcom_err-1.42.9-19.el7.i686.rpm
MD5: f8cd4ae4356a15068464e28d2186ca1b
SHA-256: a579d85a59717a4adb460ae53ce6c046b32ffb6b691340c6b5f07d8386b9c299
Size: 41.23 kB - libcom_err-devel-1.42.9-19.el7.i686.rpm
MD5: 527d48f8cce7b50c8582ec22c6110cff
SHA-256: 06dafffb5b4eb9c0cdd7113a6336106f5e26a8e3383cde62a3f3ca4fec7afef5
Size: 31.38 kB - libss-1.42.9-19.el7.i686.rpm
MD5: ee32ec73d425b4593141a5babcfa2932
SHA-256: 2292a62b1af7d0e91bccb537ee1f36f9bb7dab2a31528dce752f8f9ff44477e8
Size: 45.61 kB