FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

e2fsprogs -- maliciously corrupted file systems can trigger buffer overruns in the quota code used by e2fsck

Affected packages
e2fsprogs < 1.45.4

Details

VuXML ID ad3451b9-23e0-11ea-8b36-f1925a339a82
Discovery 2019-09-23
Entry 2019-12-21

Ted Y. Ts'o reports:

A maliciously corrupted file systems can trigger buffer overruns in the quota code used by e2fsck.

References

CVE Name CVE-2019-5094
URL http://e2fsprogs.sourceforge.net/e2fsprogs-release.html#1.45.4