e2fsprogs: Out-of-bounds write (CVE-2019-5094)

The vulnerability allows a local user to escalate privileges on the vulnerable system. The vulnerability exists due to a boundary error when processing untrusted input in the quota file functionality. A local user can send a specially crafted xt4 partition, trigger out-of-bounds write on the heap and execute arbitrary code on the target system. Note: An attacker can corrupt a partition to trigger this vulnerability.

Vulnerable versions:

E2fsprogs: 1.43.3, 1.43.4, 1.43.5, 1.43.6, 1.43.7, 1.43.8, 1.43.9, 1.44.0, 1.44.1, 1.44.2, 1.44.3, 1.44.4, 1.44.5, 1.44.6, 1.45.0, 1.45.1, 1.45.2, 1.45.3

References:

• https://www.talosintelligence.com/vulnerability_reports/TALOS-2019-0887
• https://www.cybersecurity-help.cz/vdb/SB2019092502
• https://nvd.nist.gov/vuln/detail/CVE-2019-5094

Affected branches:

• master (fdf4438f)
• 3.10-stable (bac324e9)
• 3.9-stable (3e1d286c)
• 3.8-stable (b07e4ca0)
• 3.7-stable (3ae476f3)