| Package | e2fsprogs |
|---|---|
| Version | 1.42.5-1.1+deb7u3 |
| Related CVEs | CVE-2019-5188 |
An issue has been found in e2fsprogs, a package that contains ext2/ext3/ext4 file system utilities. A specially crafted ext4 directory can cause an out-of-bounds write on the stack, resulting in code execution. An attacker can corrupt a partition to trigger this vulnerability.
For Debian 7 Wheezy, these problems have been fixed in version 1.42.5-1.1+deb7u3.
We recommend that you upgrade your e2fsprogs packages.
Further information about Extended LTS security advisories can be found in the dedicated section of our website.