GCVE - cpe:2.3:a:n/a:e2fsprogs:*:*:*:*:*:*:*:*

Approved changes feed: RSS · Atom

cpe:2.3:a:n/a:e2fsprogs:*:*:*:*:*:*:*:*

part: a version: * update: *

Vendor	N/A (`22f567d3-1203-528c-8f0e-3eb9c2f6ca78`)
Product	E2Fsprogs (`7cea70ca-1ca0-5b99-82c2-fd00dac39a23`)
Edition	*
Language	*
Software edition	*
Target software	*
Target hardware	*
Other	*
Notes	Imported from gcve-enriched-dumps CVE data

PURL mappings

PURL	Source	Last updated
No PURL mappings for this CPE yet.

Vulnerability references

Identifier	cpeApplicability	Submitted	db.gcve.eu details	Rationale
`CVE:CVE-2022-1304`	vulnerable	2026-06-08 05:39:12.709069	Details available An out-of-bounds read/write vulnerability was found in e2fsprogs 1.46.5. This issue leads to a segmentation fault and possibly arbitrary code execution via a specially crafted filesystem. Published: 2022-04-14T20:05:47.000Z Updated: 2025-04-23T18:39:51.708Z Open on db.gcve.eu Reference links https://bugzilla.redhat.com/show_bug.cgi?id=2069726	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2019-5188`	vulnerable	2026-06-08 05:13:57.805852	Details available HIGH (7.5) A code execution vulnerability exists in the directory rehashing functionality of E2fsprogs e2fsck 1.45.4. A specially crafted ext4 directory can cause an out-of-bounds write on the stack, resulting in code execution. An attacker can corrupt a partition to trigger this vulnerability. Published: 2020-01-08T15:45:09.000Z Updated: 2025-05-30T19:48:23.229Z Open on db.gcve.eu Reference links https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2AKETJ6BREDUHRWQTV35SPGG5C6H7KSI/ https://usn.ubuntu.com/4249-1/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6DOBCYQKCTTWXBLMUPJ5TX3FY7JNCOKY/ http://lists.opensuse.org/opensuse-security-announce/2020-02/msg00004.html https://lists.debian.org/debian-lts-announce/2020/03/msg00030.html	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2019-5094`	vulnerable	2026-06-08 05:13:57.677727	Details available HIGH (7.5) An exploitable code execution vulnerability exists in the quota file functionality of E2fsprogs 1.45.3. A specially crafted ext4 partition can cause an out-of-bounds write on the heap, resulting in code execution. An attacker can corrupt a partition to trigger this vulnerability. Published: 2019-09-24T21:21:27.000Z Updated: 2025-05-30T19:48:11.112Z Open on db.gcve.eu Reference links https://www.debian.org/security/2019/dsa-4535 https://lists.debian.org/debian-lts-announce/2019/09/msg00029.html https://seclists.org/bugtraq/2019/Sep/58 https://usn.ubuntu.com/4142-2/ https://usn.ubuntu.com/4142-1/	Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.