CVE-2015-1572
Description
Heap-based buffer overflow in closefs.c in the libext2fs library in e2fsprogs before 1.42.12 allows local users to execute arbitrary code by causing a crafted block group descriptor to be marked as dirty. NOTE: this vulnerability exists because of an incomplete fix for CVE-2015-0247.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
e2fsprogs before 1.42.12 has a heap-based buffer overflow in libext2fs via crafted block group descriptors, allowing local arbitrary code execution.
Vulnerability
A heap-based buffer overflow exists in the closefs.c file of the libext2fs library in e2fsprogs before version 1.42.12. The flaw occurs when a specially crafted block group descriptor is marked as dirty, due to an incomplete fix for CVE-2015-0247 [1][2]. Affected versions include those in Ubuntu and Mageia Linux distributions [1][2].
Exploitation
An attacker with local access can exploit this vulnerability by providing a maliciously crafted filesystem image that causes a boundary check error on block group descriptor data [1][2]. No special privileges are required beyond the ability to have the filesystem image processed by e2fsprogs utilities [1][2].
Impact
Successful exploitation allows a local attacker to execute arbitrary code with the privileges of the user running the affected utility, potentially leading to full system compromise if run as root [1][2]. The vulnerability enables arbitrary code execution through a heap buffer overflow [2].
Mitigation
Updates are available in e2fsprogs version 1.42.12 and later [1][2]. Ubuntu released fixed packages in USN-2507-1 on 23 February 2015 [1]. Mageia published updated packages (version 1.42.9-2.2.mga4 for Mageia 4) on 26 February 2015 [2]. Red Hat and Fedora advisories also addressed the issue [3][4].
AI Insight generated on May 23, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products
12cpe:2.3:o:canonical:ubuntu_linux:10.04:*:*:*:lts:*:*:*+ 3 more
- cpe:2.3:o:canonical:ubuntu_linux:10.04:*:*:*:lts:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:14.10:*:*:*:*:*:*:*
- cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*
- Range: <1.42.12
- osv-coords5 versionspkg:rpm/suse/e2fsprogs&distro=SUSE%20Linux%20Enterprise%20Desktop%2012pkg:rpm/suse/e2fsprogs&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015pkg:rpm/suse/e2fsprogs&distro=SUSE%20Linux%20Enterprise%20Server%2012pkg:rpm/suse/e2fsprogs&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012pkg:rpm/suse/e2fsprogs&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2012
< 1.42.11-7.1+ 4 more
- (no CPE)range: < 1.42.11-7.1
- (no CPE)range: < 1.43.8-4.3.1
- (no CPE)range: < 1.42.11-7.1
- (no CPE)range: < 1.42.11-7.1
- (no CPE)range: < 1.42.11-7.1
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
13- git.kernel.org/cgit/fs/ext2/e2fsprogs.git/commit/nvdVendor Advisory
- advisories.mageia.org/MGASA-2015-0088.htmlnvd
- lists.fedoraproject.org/pipermail/package-announce/2015-March/150606.htmlnvd
- lists.fedoraproject.org/pipermail/package-announce/2015-March/150805.htmlnvd
- lists.opensuse.org/opensuse-security-announce/2015-06/msg00019.htmlnvd
- lists.opensuse.org/opensuse-updates/2015-06/msg00006.htmlnvd
- lists.opensuse.org/opensuse-updates/2015-06/msg00010.htmlnvd
- www.debian.org/security/2015/dsa-3166nvd
- www.mandriva.com/security/advisoriesnvd
- www.mandriva.com/security/advisoriesnvd
- www.securityfocus.com/bid/72709nvd
- www.ubuntu.com/usn/USN-2507-1nvd
- security.gentoo.org/glsa/201507-22nvd
News mentions
0No linked articles in our index yet.