exfatprogs before 1.2.2 allows out-of-bounds memory access, such as in read_file_dentry_set. https://github.com/exfatprogs/exfatprogs/commit/22d0e43e8d24119cbfc6efafabb0dec6517a86c4 https://github.com/exfatprogs/exfatprogs/releases/tag/1.2.2 https://github.com/exfatprogs/exfatprogs/commit/4abc55e976573991e6a1117bb2b3711e59da07ae https://github.com/exfatprogs/exfatprogs/commit/ec78688e5fb5a70e13df82b4c0da1e6228d3ccdf
Created exfatprogs tracking bugs for this issue: Affects: epel-all [bug 2248681] Affects: fedora-38 [bug 2248680]
This issue has been addressed in the following products: Red Hat Enterprise Linux 9 Via RHSA-2024:2437 https://access.redhat.com/errata/RHSA-2024:2437