VDB
GCVE-110-MAGEIA-2020-234
GCVE-110-MAGEIA-2020-234
Advisory Published
Updated sleuthkit packages fix security vulnerabilities:
An issue was discovered in The Sleuth Kit (TSK) 4.6.6. There is an
off-by-one overwrite due to an underflow on tools/hashtools/hfind.cpp
while using a bogus hash table (CVE-2019-14532).
In version 4.8.0 and earlier of The Sleuth Kit (TSK), there is a
heap-based buffer over-read in ntfs_dinode_lookup in fs/ntfs.c
(CVE-2020-10233).
Affected Products
| Vendor | Product | Versions | Platforms |
|---|---|---|---|
| Mageia | microcode | 0 (affected), 0.20201118-1.mga7.nonfree (unaffected) | — |
| Mageia | sleuthkit | 0 (affected), 4.9.0-1.mga7 (unaffected), 0 (affected), 4.9.0-1.mga7 (unaffected) | — |
Aliases
References
Explore Further
Investigate this vulnerability in the interactive console or download the raw GCVE record.