CVSS2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:L/AC:L/Au:N/C:P/I:P/A:P
AI Score
Confidence
High
EPSS
Percentile
20.1%
Package : e2fsprogs
Version : 1.41.12-4+deb6u2
CVE ID : CVE-2015-1572
Debian Bug : 778948
ose Duart of the Google Security Team discovered a buffer overflow in
in e2fsprogs, a set of utilities for the ext2, ext3, and ext4 file
systems. This issue can possibly lead to arbitrary code execution if
a malicious device is plugged in, the system is configured to
automatically mount it, and the mounting process chooses to run fsck
on the device's malicious filesystem.
CVE-2015-1572
Incomplete fix for CVE-2015-0247.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
Debian | 7 | mips | e2fslibs-dev | < 1.42.5-1.1+deb7u1 | e2fslibs-dev_1.42.5-1.1+deb7u1_mips.deb |
Debian | 7 | armhf | e2fsck-static | < 1.42.5-1.1+deb7u1 | e2fsck-static_1.42.5-1.1+deb7u1_armhf.deb |
Debian | 7 | s390 | e2fsck-static | < 1.42.5-1.1+deb7u1 | e2fsck-static_1.42.5-1.1+deb7u1_s390.deb |
Debian | 7 | s390x | e2fsprogs-udeb | < 1.42.5-1.1+deb7u1 | e2fsprogs-udeb_1.42.5-1.1+deb7u1_s390x.deb |
Debian | 7 | ia64 | libss2 | < 1.42.5-1.1+deb7u1 | libss2_1.42.5-1.1+deb7u1_ia64.deb |
Debian | 7 | s390 | libss2 | < 1.42.5-1.1+deb7u1 | libss2_1.42.5-1.1+deb7u1_s390.deb |
Debian | 7 | mips | libss2 | < 1.42.5-1.1+deb7u1 | libss2_1.42.5-1.1+deb7u1_mips.deb |
Debian | 7 | amd64 | libss2-dbg | < 1.42.5-1.1+deb7u1 | libss2-dbg_1.42.5-1.1+deb7u1_amd64.deb |
Debian | 6 | amd64 | libcomerr2 | < 1.41.12-4+deb6u2 | libcomerr2_1.41.12-4+deb6u2_amd64.deb |
Debian | 7 | mips | comerr-dev | < 2.1-1.42.5-1.1+deb7u1 | comerr-dev_2.1-1.42.5-1.1+deb7u1_mips.deb |