Lucene search
K

6 matches found

Vulnrichment
Vulnrichment
added 2026/06/03 12:0 a.m.8 views

CVE-2025-70101

An out-of-bounds read in the ext4extbinsearchidx function in src/ext4extent.c of the lwext4 1.0.0 library allows attackers to cause a denial of service by supplying a specially crafted ext4 filesystem image. The vulnerability occurs due to insufficient validation of extent header fields before...

5.8AI score0.0028EPSS
Exploits1References3
Cvelist
Cvelist
added 2026/06/03 12:0 a.m.42 views

CVE-2025-70100

A divide-by-zero vulnerability in the ext4blocksetlbsize function in src/ext4blockdev.c of the lwext4 1.0.0 library allows attackers to cause a denial of service by providing a malformed ext4 filesystem image that results in a zero logical block size. The vulnerability is triggered during mount o...

0.00155EPSS
Exploits1References3
Positive Technologies
Positive Technologies
added 2026/06/03 12:0 a.m.19 views

PT-2026-45935

Name of the Vulnerable Software and Affected Versions lwext4 version 1.0.0 Description An out-of-bounds read exists in the ext4 ext binsearch idx function within the src/ext4 extent.c file. This occurs because extent header fields are not sufficiently validated before a binary search is performed...

6.5CVSS5.4AI score0.0028EPSS
Exploits1References8
NVD
NVD
added 2026/06/01 9:16 p.m.15 views

CVE-2025-70099

A NULL pointer dereference in the ext4direngetnamelen function in include/ext4dir.h of lwext4 1.0.0 allows attackers to cause a denial of service by supplying a specially crafted EXT4 filesystem image with malformed directory entries. During directory iteration, the code may fail to validate the...

7.5CVSS0.0035EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2026/06/01 12:0 a.m.12 views

CVE-2025-70099

A NULL pointer dereference in the ext4direngetnamelen function in include/ext4dir.h of lwext4 1.0.0 allows attackers to cause a denial of service by supplying a specially crafted EXT4 filesystem image with malformed directory entries. During directory iteration, the code may fail to validate the...

5.9AI score0.0035EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/06/01 12:0 a.m.26 views

PT-2026-45548

A NULL pointer dereference in the ext4 dir en get name len function in include/ext4 dir.h of lwext4 1.0.0 allows attackers to cause a denial of service by supplying a specially crafted EXT4 filesystem image with malformed directory entries. During directory iteration, the code may fail to validat...

7.5CVSS5.9AI score0.0035EPSS
Exploits0References6
Rows per page
Query Builder