In the Linux kernel, the following vulnerability has been...
Unreviewed
Published
Dec 24, 2024
to the GitHub Advisory Database
•
Updated Dec 24, 2024
Description
Published by the National Vulnerability Database
Dec 24, 2024
Published to the GitHub Advisory Database
Dec 24, 2024
Last updated
Dec 24, 2024
In the Linux kernel, the following vulnerability has been resolved:
exfat: fix out-of-bounds access of directory entries
In the case of the directory size is greater than or equal to
the cluster size, if start_clu becomes an EOF cluster(an invalid
cluster) due to file system corruption, then the directory entry
where ei->hint_femp.eidx hint is outside the directory, resulting
in an out-of-bounds access, which may cause further file system
corruption.
This commit adds a check for start_clu, if it is an invalid cluster,
the file or directory will be treated as empty.
References