2 matches found
CVE-2016-4804
CVE-2016-4804 (dosfstools) affects dosfstools prior to 4.0. The vulnerability is in read_boot (boot.c) and can cause a denial of service (crash) via a crafted filesystem, due to a heap-based buffer overflow in read_fat or an out-of-bounds heap read in get_fat. Affected component: dosfstools read_...
CVE-2015-8872
CVE-2015-8872 affects dosfstools: the set_fat function in fat.c can trigger an off-by-two error on FAT12 filesystems when writing an odd number of clusters to the third-to-last entry, potentially causing an invalid memory read and a crash (DoS). Affected is dosfstools prior to 4.0; multiple post-...