ID CVE-2015-8872
Summary The set_fat function in fat.c in dosfstools before 4.0 might allow attackers to corrupt a FAT12 filesystem or cause a denial of service (invalid memory read and crash) by writing an odd number of clusters to the third to last entry on a FAT12 filesystem, which triggers an "off-by-two error."
References
Vulnerable Configurations
  • Canonical Ubuntu Linux 12.04 LTS
    cpe:2.3:o:canonical:ubuntu_linux:12.04:-:-:-:lts
  • Canonical Ubuntu Linux 14.04 LTS (Long-Term Support)
    cpe:2.3:o:canonical:ubuntu_linux:14.04:-:-:-:lts
  • Canonical Ubuntu Linux 15.10
    cpe:2.3:o:canonical:ubuntu_linux:15.10
  • Canonical Ubuntu Linux 16.04 LTS (Long-Term Support)
    cpe:2.3:o:canonical:ubuntu_linux:16.04:-:-:-:lts
  • openSUSE Leap 42.1
    cpe:2.3:o:opensuse:leap:42.1
  • OpenSUSE 13.2
    cpe:2.3:o:opensuse:opensuse:13.2
  • dosfstools Project dosfstools 3.0.28
    cpe:2.3:a:dosfstools_project:dosfstools:3.0.28
CVSS
Base: 2.1 (as of 03-06-2016 - 13:08)
Impact:
Exploitability:
CWE CWE-189
CAPEC
Access
VectorComplexityAuthentication
LOCAL LOW NONE
Impact
ConfidentialityIntegrityAvailability
NONE NONE PARTIAL
nessus via4
  • NASL family SuSE Local Security Checks
    NASL id SUSE_SU-2016-2145-1.NASL
    description dosfstools was updated to fix two security issues. These security issues were fixed : - CVE-2015-8872: The set_fat function in fat.c in dosfstools might have allowed attackers to corrupt a FAT12 filesystem or cause a denial of service (invalid memory read and crash) by writing an odd number of clusters to the third to last entry on a FAT12 filesystem, which triggers an 'off-by-two error (bsc#980364). - CVE-2016-4804: The read_boot function in boot.c in dosfstools allowed attackers to cause a denial of service (crash) via a crafted filesystem, which triggers a heap-based buffer overflow in the (1) read_fat function or an out-of-bounds heap read in (2) get_fat function (bsc#980377). The update package also includes non-security fixes. See advisory for details. Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2018-11-29
    plugin id 93304
    published 2016-09-02
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=93304
    title SUSE SLED12 / SLES12 Security Update : dosfstools (SUSE-SU-2016:2145-1)
  • NASL family SuSE Local Security Checks
    NASL id SUSE_SU-2016-2146-1.NASL
    description dosfstools was updated to fix two security issues. These security issues were fixed : - CVE-2015-8872: The set_fat function in fat.c in dosfstools might have allowed attackers to corrupt a FAT12 filesystem or cause a denial of service (invalid memory read and crash) by writing an odd number of clusters to the third to last entry on a FAT12 filesystem, which triggers an 'off-by-two error (bsc#980364). - CVE-2016-4804: The read_boot function in boot.c in dosfstools allowed attackers to cause a denial of service (crash) via a crafted filesystem, which triggers a heap-based buffer overflow in the (1) read_fat function or an out-of-bounds heap read in (2) get_fat function (bsc#980377). Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2018-11-29
    plugin id 93305
    published 2016-09-02
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=93305
    title SUSE SLES11 Security Update : dosfstools (SUSE-SU-2016:2146-1)
  • NASL family Fedora Local Security Checks
    NASL id FEDORA_2016-F695B1A747.NASL
    description This is an update fixing off-by-2 error leading to corruption in FAT12 ( CVE-2015-8872) and heap-buffer-overflows in read_fat() and get_fat() functions (CVE-2016-4804). Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2016-10-18
    plugin id 92209
    published 2016-07-14
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=92209
    title Fedora 24 : dosfstools (2016-f695b1a747)
  • NASL family Ubuntu Local Security Checks
    NASL id UBUNTU_USN-2986-1.NASL
    description Hanno Bock discovered that dosfstools incorrectly handled certain malformed filesystems. A local attacker could use this issue to cause dosfstools to crash, resulting in a denial of service, or possibly execute arbitrary code. Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2018-12-01
    plugin id 91422
    published 2016-06-01
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=91422
    title Ubuntu 12.04 LTS / 14.04 LTS / 15.10 / 16.04 LTS : dosfstools vulnerabilities (USN-2986-1)
  • NASL family SuSE Local Security Checks
    NASL id OPENSUSE-2016-671.NASL
    description This update for dosfstools fixes the following issues : - fixed buffer overflows based on insufficient size of variable for storing FAT size (CVE-2016-4804, boo#980377) - dosfstools-3.0.26-read-fat-overflow.patch - fixed memory corruption when setting FAT12 entries (CVE-2015-8872, boo#980364) - dosfstools-3.0.26-off-by-2.patch - Fix attempt to rename root dir in fsck due to uninitialized fields [boo#912607] - Drop gpg-offline build-time requirement; this is now handled by the local source validator
    last seen 2019-02-21
    modified 2016-10-13
    plugin id 91439
    published 2016-06-02
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=91439
    title openSUSE Security Update : dosfstools (openSUSE-2016-671)
  • NASL family SuSE Local Security Checks
    NASL id OPENSUSE-2016-1045.NASL
    description dosfstools was updated to fix two security issues. These security issues were fixed : - CVE-2015-8872: The set_fat function in fat.c in dosfstools might have allowed attackers to corrupt a FAT12 filesystem or cause a denial of service (invalid memory read and crash) by writing an odd number of clusters to the third to last entry on a FAT12 filesystem, which triggers an 'off-by-two error (bsc#980364). - CVE-2016-4804: The read_boot function in boot.c in dosfstools allowed attackers to cause a denial of service (crash) via a crafted filesystem, which triggers a heap-based buffer overflow in the (1) read_fat function or an out-of-bounds heap read in (2) get_fat function (bsc#980377). This non-security issue was fixed : - bsc#912607: Attempt to rename root dir in fsck due to uninitialized fields. This update was imported from the SUSE:SLE-12:Update update project.
    last seen 2019-02-21
    modified 2016-10-13
    plugin id 93335
    published 2016-09-06
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=93335
    title openSUSE Security Update : dosfstools (openSUSE-2016-1045)
  • NASL family Fedora Local Security Checks
    NASL id FEDORA_2016-F3262ABDA6.NASL
    description This is an update fixing off-by-2 error leading to corruption in FAT12 ( CVE-2015-8872) and heap-buffer-overflows in read_fat() and get_fat() functions (CVE-2016-4804). Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2016-10-18
    plugin id 92203
    published 2016-07-14
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=92203
    title Fedora 22 : dosfstools (2016-f3262abda6)
  • NASL family Fedora Local Security Checks
    NASL id FEDORA_2016-E2D635CBF8.NASL
    description This is an update fixing off-by-2 error leading to corruption in FAT12 ( CVE-2015-8872) and heap-buffer-overflows in read_fat() and get_fat() functions (CVE-2016-4804). Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2016-10-18
    plugin id 92188
    published 2016-07-14
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=92188
    title Fedora 23 : dosfstools (2016-e2d635cbf8)
refmap via4
bid 90311
confirm
misc https://blog.fuzzing-project.org/44-dosfstools-fsck.vfat-Several-invalid-memory-accesses.html
suse
  • openSUSE-SU-2016:1461
  • openSUSE-SU-2016:2233
ubuntu USN-2986-1
Last major update 28-11-2016 - 14:50
Published 03-06-2016 - 10:59
Last modified 30-10-2018 - 12:27
Back to Top