19 matches found
CVE-2026-42444
NanaZip is an open source file archive. From 5.0.1252.0 to before 6.0.1698.0, a denial-of-service vulnerability exists in the littlefs filesystem image parser in NanaZip. The handler's Open method reads BlockCount directly from the attacker-controlled superblock without any validation against the...
CVE-2026-42444
NanaZip is an open source file archive. From 5.0.1252.0 to before 6.0.1698.0, a denial-of-service vulnerability exists in the littlefs filesystem image parser in NanaZip. The handler's Open method reads BlockCount directly from the attacker-controlled superblock without any validation against the...
CVE-2026-42444 NanaZip: Unbounded resource consumption in NanaZip littlefs parser via attacker-controlled BlockCount
NanaZip is an open source file archive. From 5.0.1252.0 to before 6.0.1698.0, a denial-of-service vulnerability exists in the littlefs filesystem image parser in NanaZip. The handler's Open method reads BlockCount directly from the attacker-controlled superblock without any validation against the...
EUVD-2026-29789
NanaZip is an open source file archive. From 5.0.1252.0 to before 6.0.1698.0, a denial-of-service vulnerability exists in the littlefs filesystem image parser in NanaZip. The handler's Open method reads BlockCount directly from the attacker-controlled superblock without any validation against the...
CVE-2026-42444
NanaZip is an open source file archive. From 5.0.1252.0 to before 6.0.1698.0, a denial-of-service vulnerability exists in the littlefs filesystem image parser in NanaZip. The handler's Open method reads BlockCount directly from the attacker-controlled superblock without any validation against the...
CVE-2026-42444
NanaZip: Unbounded resource consumption DoS in the littlefs image parser. From 5.0.1252.0 to before 6.0.1698.0, the parser reads BlockCount from a crafted superblock without validation, then allocates per-iteration path entries. A 44-byte littlefs image with BlockCount = 0xFFFFFFFF causes ~4 bill...
CVE-2026-42444 NanaZip: Unbounded resource consumption in NanaZip littlefs parser via attacker-controlled BlockCount
NanaZip is an open source file archive. From 5.0.1252.0 to before 6.0.1698.0, a denial-of-service vulnerability exists in the littlefs filesystem image parser in NanaZip. The handler's Open method reads BlockCount directly from the attacker-controlled superblock without any validation against the...
NanaZip 安全漏洞
NanaZip is a compression software open-source by the M2-Team. Versions of NanaZip from 5.0.1252.0 to 6.0.1698.0 contained security vulnerabilities. These vulnerabilities stemmed from the Open method in the littlefs file system image resolver, which directly read the BlockCount value controlled by...
PT-2026-40358
NanaZip is an open source file archive. From 5.0.1252.0 to before 6.0.1698.0, a denial-of-service vulnerability exists in the littlefs filesystem image parser in NanaZip. The handler's Open method reads BlockCount directly from the attacker-controlled superblock without any validation against the...
EUVD-2020-5844
Malware in sbrugna...
Unspecified vulnerability in Zephyr (CNVD-2021-95624)
Zephyr is an open source, small, scalable real-time operating system. Zephyr suffers from a security vulnerability that stems from the fact that when setup in conjunction with littlefs, MCUmgr can be used to extract all security-related information from the device. No details of the vulnerability...
CVE-2020-13599
Security problem with settings and littlefs. Zephyr versions = 1.14.2, = 2.3.0 contain Incorrect Default Permissions CWE-276. For more information, see https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-5qhg-j6wc-4f6q...
CVE-2020-13599
Security problem with settings and littlefs. Zephyr versions = 1.14.2, = 2.3.0 contain Incorrect Default Permissions CWE-276. For more information, see https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-5qhg-j6wc-4f6q...
Zephyr 安全漏洞
Zephyr is an open source, small, scalable real-time operating system. Zephyr suffers from a security vulnerability that stems from the fact that when setup in conjunction with littlefs, MCUmgr can be used to extract all security-related information from the device. No details of the vulnerability...
CVE-2020-13599 Security problem with settings and littlefs
Security problem with settings and littlefs. Zephyr versions = 1.14.2, = 2.3.0 contain Incorrect Default Permissions CWE-276. For more information, see https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-5qhg-j6wc-4f6q...
CVE-2020-13599
CVE-2020-13599 concerns a security problem with Zephyr’s settings handling when used with littlefs, where Zephyr versions >= 1.14.2 and >= 2.3.0 are affected by incorrect default permissions (CWE-276). The available connected sources corroborate the issue and link to the GHSA advisory GHSA-...
PT-2020-4883 · Microsoft · Azure Sphere
Name of the Vulnerable Software and Affected Versions: Azure Sphere affected versions not specified Description: The issue exists due to insufficient input validation in the Littlefs Quota component of the Azure Sphere operating system. Exploitation of this issue may allow an attacker to cause a...
Microsoft Azure Sphere Littlefs Quota denial of service vulnerability
Talos Vulnerability Report TALOS-2020-1129 Microsoft Azure Sphere Littlefs Quota denial of service vulnerability September 23, 2020 CVE Number CVE-2020-16986 SUMMARY A denial of service vulnerability exists in the Littlefs Quota functionality of Microsoft Azure Sphere 20.06. A specially crafted s...
Microsoft Azure Sphere Littlefs truncate information disclosure vulnerability
Talos Vulnerability Report TALOS-2020-1130 Microsoft Azure Sphere Littlefs truncate information disclosure vulnerability September 23, 2020 CVE Number None SUMMARY An information disclosure vulnerability exists in the Littlefs filesystem functionality of Microsoft Azure Sphere 20.06. A specially...