Vulnerability Details CVE-2023-45897
exfatprogs before 1.2.2 allows out-of-bounds memory access, such as in read_file_dentry_set.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 16.2%
CVSS Severity
CVSS v3 Score 5.5
References
- https://dfir.ru/2023/11/01/cve-2023-45897-a-vulnerability-in-the-linux-exfat-userspace-tools/
- https://github.com/exfatprogs/exfatprogs/commit/22d0e43e8d24119cbfc6efafabb0dec6517a86c4
- https://github.com/exfatprogs/exfatprogs/commit/4abc55e976573991e6a1117bb2b3711e59da07ae
- https://github.com/exfatprogs/exfatprogs/commit/ec78688e5fb5a70e13df82b4c0da1e6228d3ccdf
- https://github.com/exfatprogs/exfatprogs/releases/tag/1.2.2
- https://dfir.ru/2023/11/01/cve-2023-45897-a-vulnerability-in-the-linux-exfat-userspace-tools/
- https://github.com/exfatprogs/exfatprogs/commit/22d0e43e8d24119cbfc6efafabb0dec6517a86c4
- https://github.com/exfatprogs/exfatprogs/commit/4abc55e976573991e6a1117bb2b3711e59da07ae
- https://github.com/exfatprogs/exfatprogs/commit/ec78688e5fb5a70e13df82b4c0da1e6228d3ccdf
- https://github.com/exfatprogs/exfatprogs/releases/tag/1.2.2
- https://lists.debian.org/debian-lts-announce/2024/09/msg00003.html
Products affected by CVE-2023-45897
-
cpe:2.3:a:namjaejeon:exfatprogs:-
-
cpe:2.3:a:namjaejeon:exfatprogs:1.0.1
-
cpe:2.3:a:namjaejeon:exfatprogs:1.0.2
-
cpe:2.3:a:namjaejeon:exfatprogs:1.0.3
-
cpe:2.3:a:namjaejeon:exfatprogs:1.0.4
-
cpe:2.3:a:namjaejeon:exfatprogs:1.1.0
-
cpe:2.3:a:namjaejeon:exfatprogs:1.1.1
-
cpe:2.3:a:namjaejeon:exfatprogs:1.1.2
-
cpe:2.3:a:namjaejeon:exfatprogs:1.1.3
-
cpe:2.3:a:namjaejeon:exfatprogs:1.2.0
-
cpe:2.3:a:namjaejeon:exfatprogs:1.2.1