CVE-2023-33551

Name of the Vulnerable Software and Affected Versions erofs-utils version 1.6

Description The issue is related to a Heap Buffer Overflow in the erofsfsck dirent iter function in fsck/main.c. This allows remote attackers to execute arbitrary code via a crafted erofs filesystem image.

Recommendations For erofs-utils version 1.6, consider disabling the erofsfsck dirent iter function until a patch is available. Restrict access to crafted erofs filesystem images to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.