Medium severity6.2NVD Advisory· Published Jun 3, 2016· Updated Jun 17, 2026
CVE-2016-4804
CVE-2016-4804
Description
The read_boot function in boot.c in dosfstools before 4.0 allows attackers to cause a denial of service (crash) via a crafted filesystem, which triggers a heap-based buffer overflow in the (1) read_fat function or an out-of-bounds heap read in (2) get_fat function.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
13cpe:2.3:a:dosfstools_project:dosfstools:*:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:dosfstools_project:dosfstools:*:*:*:*:*:*:*:*range: <=3.0.28
- (no CPE)range: <4.0
cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*+ 3 more
- cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*
- osv-coords5 versionspkg:rpm/suse/dosfstools&distro=SUSE%20Linux%20Enterprise%20Desktop%2012%20SP1pkg:rpm/suse/dosfstools&distro=SUSE%20Linux%20Enterprise%20Server%2011%20SP4pkg:rpm/suse/dosfstools&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP1pkg:rpm/suse/dosfstools&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2011%20SP4pkg:rpm/suse/dosfstools&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP1
< 3.0.26-6.5+ 4 more
- (no CPE)range: < 3.0.26-6.5
- (no CPE)range: < 3.0.26-3.1
- (no CPE)range: < 3.0.26-6.5
- (no CPE)range: < 3.0.26-3.1
- (no CPE)range: < 3.0.26-6.5
Patches
Vulnerability mechanics
References
9- blog.fuzzing-project.org/44-dosfstools-fsck.vfat-Several-invalid-memory-accesses.htmlnvdPatch
- github.com/dosfstools/dosfstools/issues/25nvdPatchVendor Advisory
- github.com/dosfstools/dosfstools/issues/26nvdPatchVendor Advisory
- lists.opensuse.org/opensuse-updates/2016-06/msg00001.htmlnvd
- lists.opensuse.org/opensuse-updates/2016-09/msg00014.htmlnvd
- www.securityfocus.com/bid/90311nvd
- www.ubuntu.com/usn/USN-2986-1nvd
- github.com/dosfstools/dosfstools/commit/e8eff147e9da1185f9afd5b25948153a3b97cf52nvd
- lists.debian.org/debian-lts-announce/2020/05/msg00028.htmlnvd
News mentions
0No linked articles in our index yet.