| Errata ID | 593 |
|---|---|
| Date | 2019-10-02 |
| Source package | e2fsprogs |
| Fixed in version | 1.43.4-2+deb9u1A~4.3.4.201910010703 |
| Description | This update addresses the following issue: * An exploitable code execution vulnerability exists in the quota file functionality of E2fsprogs. A specially crafted ext4 partition can cause an out-of-bounds write on the heap, resulting in code execution. An attacker can corrupt a partition to trigger this vulnerability. (CVE-2019-5094) |
| Additional notes | |
| CVE ID | CVE-2019-5094 |
| UCS Bug number | #50299 |
