2018-09-01 05:29:02 2018-10-30 18:30:26

** DISPUTED ** The libfsclfs_block_read function in libfsclfs_block.c in libfsclfs before 2018-07-25 allows remote attackers to cause a heap-based buffer over-read via a crafted clfs file. NOTE: the vendor has disputed this as described in the GitHub issue comments.

Vector

NETWORK

Complexity

MEDIUM

Authentication

NONE

Confidentiality

NONE

Integrity

NONE

Availability

PARTIAL
Advisory Patch Confirmed Link
https://github.com/libyal/libfsclfs/issues/3