安全公告详情

NS-SA-2025-0172

2025-07-25 16:49:52

简介

moderate: e2fsprogs security update

严重级别

moderate

主题

An update for e2fsprogs is now available for NewStart CGSL MAIN 7.02.
NewStart Security has rated this update as having a security impact of moderate. A Common Vunlnerability Scoring System(CVSS)base score, which gives a detailed severity rating, is available for each vulnerability from the CVElink(s) in the References section.

详细描述

e2fsprogs:


Security Fix(es):
e2fsprogs: An out-of-bounds read/write vulnerability was found in e2fsprogs. This issue leads to a segmentation fault and possibly arbitrary code execution via a specially crafted filesystem.(CVE-2022-1304)
e2fsprogs: bugfix


Solution:
For details on how to apply this update, which includes the changes described in this advisory, refer to:
http://security.gd-linux.com/how_to_apply_patch.html
Remember the build tag is 7.02.03B8.

影响组件

  • e2fsprogs

影响产品

  • CGSL MAIN 7.02

更新包

{"fix":[{"product":"CGSL MAIN 7.02","pkgs":[{"binary":["libss-1.47.0-1.zncgsl7.7.x86_64.rpm","libcom_err-devel-1.47.0-1.zncgsl7.7.x86_64.rpm","libcom_err-1.47.0-1.zncgsl7.7.x86_64.rpm","e2fsprogs-libs-1.47.0-1.zncgsl7.7.x86_64.rpm","e2fsprogs-devel-1.47.0-1.zncgsl7.7.x86_64.rpm","e2fsprogs-1.47.0-1.zncgsl7.7.x86_64.rpm"],"source":"e2fsprogs-1.47.0-1.zncgsl7.7.src.rpm"}]}]}

CVE

参考