MidnightBSD

Advisories for erofs-utils_project

CVE-2023-33551

Heap Buffer Overflow in the erofsfsck_dirent_iter function in fsck/main.c in erofs-utils v1.6 allows remote attackers to execute arbitrary code via a crafted erofs filesystem image.

Products Affected

Vendor Product Version
erofs-utils_project erofs-utils 1.6
CVE-2023-33552

Heap Buffer Overflow in the erofs_read_one_data function at data.c in erofs-utils v1.6 allows remote attackers to execute arbitrary code via a crafted erofs filesystem image.

Products Affected

Vendor Product Version
erofs-utils_project erofs-utils 1.6