CVE-2023-45897

Name
CVE-2023-45897
Description
exfatprogs before 1.2.2 allows out-of-bounds memory access, such as in read_file_dentry_set.
NVD Severity
medium
Other trackers
CVE, NVD, CERT, CVE Details, CIRCL, Arch Linux, Debian, Red Hat, Ubuntu, Gentoo, SUSE (Bugzilla), SUSE (CVE), Mageia
Mailing lists
oss-security, full-disclosure, bugtraq
Exploits
Exploit DB, Metasploit
Forges
GitHub (code, issues), Aports (code, issues)

References

Type URI
MISC https://github.com/exfatprogs/exfatprogs/commit/22d0e43e8d24119cbfc6efafabb0dec6517a86c4
MISC https://github.com/exfatprogs/exfatprogs/releases/tag/1.2.2
MISC https://github.com/exfatprogs/exfatprogs/commit/4abc55e976573991e6a1117bb2b3711e59da07ae
MISC https://github.com/exfatprogs/exfatprogs/commit/ec78688e5fb5a70e13df82b4c0da1e6228d3ccdf
MISC https://dfir.ru/2023/11/01/cve-2023-45897-a-vulnerability-in-the-linux-exfat-userspace-tools/

Match rules

CPE URI Source package Min version Max version
cpe:2.3:a:namjaejeon:exfatprogs:*:*:*:*:*:*:*:* exfatprogs >= None < 1.2.2

Vulnerable and fixed packages

Source package Branch Version Maintainer Status
exfatprogs 3.18-community 1.2.0-r2 Milan P. Stanić <mps@arvanta.net> possibly vulnerable