suse · CVE-2015-8872

Quick triage

Priority: low Published: 2021-05-30 13:36:15 UTC Updated: 2026-04-18 18:06:40 UTC

View at Official suse advisory, NVD, CVE.org · CVE detail

Freshness: upstream tracker timestamp is available; use API updated time as primary recency signal.

Tracker summary

CVE-2015-8872 severity low: SUSE including 3 source package names (dosfstools-2.11-121.31.4.1, dosfstools-3.0.26-3.1, dosfstools-3.0.26-6.5), 35 product×package rows across 35 product lines (Image SLES12-SP5-Azure-BYOS, Image SLES12-SP5-Azure-Basic-On-Demand, … (35 product lines)): Fixed 35.

Description:

The set_fat function in fat.c in dosfstools before 4.0 might allow attackers to corrupt a FAT12 filesystem or cause a denial of service (invalid memory read and crash) by writing an odd number of clusters to the third to last entry on a FAT12 filesystem, which triggers an "off-by-two error."

cvelogic Threat Intelligence