4.6 Medium
CVSS2
Access Vector
LOCAL
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:L/AC:L/Au:N/C:P/I:P/A:P
0.0004 Low
EPSS
Percentile
9.4%
Package : e2fsprogs
Version : 1.41.12-4+deb6u2
CVE ID : CVE-2015-1572
Debian Bug : 778948
ose Duart of the Google Security Team discovered a buffer overflow in
in e2fsprogs, a set of utilities for the ext2, ext3, and ext4 file
systems. This issue can possibly lead to arbitrary code execution if
a malicious device is plugged in, the system is configured to
automatically mount it, and the mounting process chooses to run fsck
on the device's malicious filesystem.
CVE-2015-1572
Incomplete fix for CVE-2015-0247.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
Debian | 6 | all | e2fsprogs | < 1.41.12-4+deb6u2 | e2fsprogs_1.41.12-4+deb6u2_all.deb |
Debian | 6 | all | libcomerr2-dbg | < 1.41.12-4+deb6u2 | libcomerr2-dbg_1.41.12-4+deb6u2_all.deb |
Debian | 6 | all | e2fsprogs-dbg | < 1.41.12-4+deb6u2 | e2fsprogs-dbg_1.41.12-4+deb6u2_all.deb |
Debian | 6 | all | ss-dev | < 1.41.12-4+deb6u2 | ss-dev_1.41.12-4+deb6u2_all.deb |
Debian | 6 | all | comerr-dev | < 1.41.12-4+deb6u2 | comerr-dev_1.41.12-4+deb6u2_all.deb |
Debian | 6 | all | libss2-dbg | < 1.41.12-4+deb6u2 | libss2-dbg_1.41.12-4+deb6u2_all.deb |
Debian | 6 | all | e2fsck-static | < 1.41.12-4+deb6u2 | e2fsck-static_1.41.12-4+deb6u2_all.deb |
Debian | 6 | all | libss2 | < 1.41.12-4+deb6u2 | libss2_1.41.12-4+deb6u2_all.deb |
Debian | 6 | all | e2fslibs-dev | < 1.41.12-4+deb6u2 | e2fslibs-dev_1.41.12-4+deb6u2_all.deb |
Debian | 6 | all | e2fsprogs-udeb | < 1.41.12-4+deb6u2 | e2fsprogs-udeb_1.41.12-4+deb6u2_all.deb |