CVE-2017-13760 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-13760): In The Sleuth Kit (TSK) 4.4.2, fls hangs on a corrupt exfat image in tsk_img_read() in tsk/img/img_io.c in libtskimg.a. CVE-2017-13756 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-13756): In The Sleuth Kit (TSK) 4.4.2, opening a crafted disk image triggers infinite recursion in dos_load_ext_table() in tsk/vs/dos.c in libtskvs.a, as demonstrated by mmls. CVE-2017-13755 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-13755): In The Sleuth Kit (TSK) 4.4.2, opening a crafted ISO 9660 image triggers an out-of-bounds read in iso9660_proc_dir() in tsk/fs/iso9660_dent.c in libtskfs.a, as demonstrated by fls.
@Maintainer could you please confirm if we are affected by these CVEs? Thank you
This is a duplicate of bug 629352
thanks, sorry, couldn't catch the other two aliases. *** This bug has been marked as a duplicate of bug 629352 ***