2456789 – (CVE-2026-40026) CVE-2026-40026 sleuthkit: The Sleuth Kit: Information disclosure and denial of service via crafted ISO image

Bug 2456789 (CVE-2026-40026) - CVE-2026-40026 sleuthkit: The Sleuth Kit: Information disclosure and denial of service via crafted ISO image

Summary: CVE-2026-40026 sleuthkit: The Sleuth Kit: Information disclosure and denial o...

Keywords:
Status:	NEW
Alias:	CVE-2026-40026
Product:	Security Response
Classification:	Other
Component:	vulnerability
Sub Component:
Version:	unspecified
Hardware:	All
OS:	Linux
Priority:	medium
Severity:	medium
Target Milestone:	---
Assignee:	Product Security DevOps Team
QA Contact:
Docs Contact:
URL:
Whiteboard:
Depends On:	2456878 2456879
Blocks:
TreeView+	depends on / blocked

Reported:	2026-04-08 22:04 UTC by OSIDB Bzimport
Modified:	2026-04-09 11:52 UTC (History)
CC List:	0 users
Fixed In Version:
Clone Of:
Environment:
Last Closed:
Embargoed:

Attachments	(Terms of Use)

Description OSIDB Bzimport 2026-04-08 22:04:20 UTC

The Sleuth Kit through 4.14.0 contains an out-of-bounds read vulnerability in the ISO9660 filesystem parser where the parse_susp() function trusts len_id, len_des, and len_src fields from the disk image to memcpy data into a stack buffer without verifying that the source data falls within the parsed SUSP block. An attacker can craft a malicious ISO image that causes reads past the end of the SUSP data buffer, and a zero-length SUSP entry can trigger an infinite parsing loop.

Note You need to log in before you can comment on or make changes to this bug.