Source | Text Version

QSN-4142-1: e2fsprogs vulnerability

September 30, 2019

Summary

e2fsprogs could be made to execute arbitrary code if it is running in a crafted ext4 partition.

Details

It was discovered that e2fsprogs incorrectly handled certain ext4 partitions. An attacker could possibly use this issue to execute arbitrary code.

References

https://usn.ubuntu.com/4142-1

http://people.canonical.com/~ubuntu-security/cve/CVE-2019-5094

Update

A general update will usually fix all issues, but to make sure, you can check your current version with:

$ dpkg -l e2fsprogs

If the current version you have is before 1.42.13-1ubuntu1.1, run the following:

$ sudo apt-get update
$ sudo apt-get install e2fsprogs

Copyright © 2010-2015, OSNEXUS Corporation. All rights reserved.