10 matches found
Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: sleuthkit (UTSA-2026-014269)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-014269 advisory. The Sleuth Kit through 4.14.0 contains an out-of-bounds read vulnerability in the ISO9660 filesystem parser where the parsesusp function trusts lenid, lendes, and...
OESA-2026-1937 sleuthkit security update
The Sleuth Kit previously known as TASK is a collection of UNIX-based command line file system forensic tools that allow an investigator to examine NTFS, FAT, FFS, EXT2FS, EXT3FS and ExFAT file systems of a suspect computer in a non-intrusive fashion. The tools have a layer-based design and can...
CVE-2026-40026
A flaw was found in The Sleuth Kit's ISO9660 filesystem parser. An attacker can craft a malicious ISO image that exploits an out-of-bounds read vulnerability in the parsesusp function. This vulnerability occurs because the function trusts length fields from the disk image without proper validatio...
DEBIAN-CVE-2026-40026
The Sleuth Kit through 4.14.0 contains an out-of-bounds read vulnerability in the ISO9660 filesystem parser where the parsesusp function trusts lenid, lendes, and lensrc fields from the disk image to memcpy data into a stack buffer without verifying that the source data falls within the parsed SU...
CVE-2026-40026
The Sleuth Kit through 4.14.0 contains an out-of-bounds read vulnerability in the ISO9660 filesystem parser where the parsesusp function trusts lenid, lendes, and lensrc fields from the disk image to memcpy data into a stack buffer without verifying that the source data falls within the parsed SU...
CVE-2026-40026 Sleuth Kit ISO9660 SUSP Extension Reference Out-of-Bounds Read
The Sleuth Kit through 4.14.0 contains an out-of-bounds read vulnerability in the ISO9660 filesystem parser where the parsesusp function trusts lenid, lendes, and lensrc fields from the disk image to memcpy data into a stack buffer without verifying that the source data falls within the parsed SU...
CVE-2026-40026
The Sleuth Kit through 4.14.0 contains an out-of-bounds read vulnerability in the ISO9660 filesystem parser where the parsesusp function trusts lenid, lendes, and lensrc fields from the disk image to memcpy data into a stack buffer without verifying that the source data falls within the parsed SU...
CVE-2026-40026
CVE-2026-40026 affects The Sleuth Kit up to version 4.14.0. The ISO9660 SUSP extension parser’s parse_susp() trusts length fields (len_id, len_des, len_src) from the disk image and copies data into a stack buffer without validating source bounds, enabling reads past the SUSP data buffer and poten...
CVE-2026-40026
The Sleuth Kit through 4.14.0 contains an out-of-bounds read vulnerability in the ISO9660 filesystem parser where the parsesusp function trusts lenid, lendes, and lensrc fields from the disk image to memcpy data into a stack buffer without verifying that the source data falls within the parsed SU...
PT-2026-31463
The Sleuth Kit through 4.14.0 contains an out-of-bounds read vulnerability in the ISO9660 filesystem parser where the parse susp function trusts len id, len des, and len src fields from the disk image to memcpy data into a stack buffer without verifying that the source data falls within the parse...