suse · CVE-2016-4804

Quick triage

Priority: low 公開: 2021-05-30 13:42:29 UTC Updated: 2026-04-18 16:09:14 UTC

参照: Official suse advisory, NVD, CVE.org · CVE 詳細

Freshness: upstream tracker timestamp is available; use API updated time as primary recency signal.

Tracker summary

CVE-2016-4804 severity low: SUSE including 4 source package names (dosfstools, dosfstools-2.11-121.31.4.1, dosfstools-3.0.26-3.1, dosfstools-3.0.26-6.5), 53 product×package rows across 53 product lines (Image SLES12-SP5-Azure-BYOS, Image SLES12-SP5-Azure-Basic-On-Demand, … (53 product lines)): Fixed 35, Known Not Affected 18.

Description:

The read_boot function in boot.c in dosfstools before 4.0 allows attackers to cause a denial of service (crash) via a crafted filesystem, which triggers a heap-based buffer overflow in the (1) read_fat function or an out-of-bounds heap read in (2) get_fat function.

cvelogic Threat Intelligence