6 matches found
CVE-2026-8784
A vulnerability was detected in npitre cramfs-tools up to 2.2. Affected is the function changefilestatus of the file cramfsck.c. Performing a manipulation results in symlink following. The attack requires a local approach. The exploit is now public and may be used. The patch is named...
CVE-2026-8784
A vulnerability was detected in npitre cramfs-tools up to 2.2. Affected is the function changefilestatus of the file cramfsck.c. Performing a manipulation results in symlink following. The attack requires a local approach. The exploit is now public and may be used. The patch is named...
EUVD-2026-30728
A vulnerability was detected in npitre cramfs-tools up to 2.2. Affected is the function changefilestatus of the file cramfsck.c. Performing a manipulation results in symlink following. The attack requires a local approach. The exploit is now public and may be used. The patch is named...
CVE-2026-8784 npitre cramfs-tools cramfsck.c change_file_status symlink
A vulnerability was detected in npitre cramfs-tools up to 2.2. Affected is the function changefilestatus of the file cramfsck.c. Performing a manipulation results in symlink following. The attack requires a local approach. The exploit is now public and may be used. The patch is named...
CVE-2026-8784
Technical details are not publicly available in the provided documents. Monitor for updates.
cramfs-tools 后置链接漏洞
cramfs-tools is a compression read-only file system tool developed by Nicolas Pitre. Versions of cramfs-tools prior to 2.2 had a post-installation link vulnerability. This vulnerability stemmed from the operation of the changefilestatus function in the cramfsck.c file, which allowed symbolic link...