Hi,

On 2026/6/11 05:27, Tristan wrote:
Hello,

I am reporting 5 vulnerabilities in erofs-utils across three versions.
All are triggered by crafted EROFS filesystem images.

Findings summary:

   - ZSTD decompression heap OOB read (erofs-utils 8a579d4, CVSS 5.5, CWE-125)
   - u64-to-u32 truncation heap overflow (erofs-utils 1.8.5, CVSS 7.8, CWE-190)
   - Off-by-one heap overflow in fsck path (erofs-utils 1.9.1, CVSS 6.2, CWE-193)
   - Symlink extraction integer overflow (erofs-utils 1.9.1, CVSS 7.8, CWE-190)
   - Uncontrolled recursion in dump.erofs (erofs-utils 1.9.1, CVSS 5.5, CWE-674)

I would appreciate acknowledgement of receipt and CVE assignment.

Although I agree that some issues are obvious, would you mind
providing reproducible images (in gzipped base64) at least?

Thanks,
Gao Xiang



Regards,
Tristan
