CVE-2017-13755: In The Sleuth Kit (TSK) 4.4.2, opening a crafted ISO 9660 image triggers an out-of-bounds read in iso9660_proc_dir() in tsk/fs/iso9660_dent.c in libtskfs.a, as demonstrated by fls. https://github.com/sleuthkit/sleuthkit/issues/913 CVE-2017-13756: In The Sleuth Kit (TSK) 4.4.2, opening a crafted disk image triggers infinite recursion in dos_load_ext_table() in tsk/vs/dos.c in libtskvs.a, as demonstrated by mmls. https://github.com/sleuthkit/sleuthkit/issues/914 CVE-2017-13760: In The Sleuth Kit (TSK) 4.4.2, fls hangs on a corrupt exfat image in tsk_img_read() in tsk/img/img_io.c in libtskimg.a. https://github.com/sleuthkit/sleuthkit/issues/906
Created sleuthkit tracking bugs for this issue: Affects: epel-7 [bug 1486585] Affects: fedora-all [bug 1486586]
This CVE Bugzilla entry is for community support informational purposes only as it does not affect a package in a commercially supported Red Hat product. Refer to the dependent bugs for status of those individual community products.