Tsk · The Sleuth Kit · CVE-2017-13755
**Name of the Vulnerable Software and Affected Versions**
The Sleuth Kit (TSK) version 4.4.2
**Description**
The issue is triggered by opening a crafted ISO 9660 image, which causes an out-of-bounds read in the `iso9660_proc_dir()` function in `tsk/fs/iso9660_dent.c` in `libtskfs.a`. This can be demonstrated using the `fls` tool.
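An out-of-bounds read in a directory parser generally comes from trusting length fields stored in the image. As an added example (not TSK's code and not the project's fix), this C sketch walks ISO 9660 directory records and rejects any record whose length fields point outside the buffer or outside the record itself. The names `walk_dir_records`, `put_record` and `demo` are hypothetical, and the sample extent is constructed.

```c
#include <stdint.h>
#include <stdio.h>

#define DR_FIXED 33u    /* fixed part of an ECMA-119 directory record */
#define SECTOR   2048u  /* records never span a logical sector */

/* Walk directory records in buf[0..len). Returns the record count, or -1
 * if a length field would take the parser outside buf or its own record. */
int walk_dir_records(const uint8_t *buf, size_t len)
{
    size_t off = 0;
    int count = 0;
    while (off < len) {
        uint8_t rec_len = buf[off];          /* byte 0: record length */
        if (rec_len == 0) {                  /* padding: skip to next sector */
            off = (off / SECTOR + 1) * SECTOR;
            continue;
        }
        if (rec_len < DR_FIXED + 1 || rec_len > len - off)
            return -1;                       /* too short, or runs past buf */
        uint8_t name_len = buf[off + 32];    /* byte 32: identifier length */
        if (name_len == 0 || name_len > rec_len - DR_FIXED)
            return -1;                       /* name overruns its record */
        count++;
        off += rec_len;
    }
    return count;
}

/* Constructed sample data: set only the two length fields of a record. */
static void put_record(uint8_t *dst, uint8_t rec_len, uint8_t name_len)
{
    dst[0] = rec_len;
    dst[32] = name_len;
}

/* Constructed cases: 0 sound, 1 oversized name length, 2 truncated buffer. */
int demo(int which)
{
    uint8_t ext[SECTOR] = {0};
    put_record(ext, 34, 1);                          /* "." entry */
    put_record(ext + 34, 42, which == 1 ? 200 : 8);  /* second entry */
    return walk_dir_records(ext, which == 2 ? 50 : sizeof ext);
}

int main(void)
{
    printf("%d %d %d\n", demo(0), demo(1), demo(2));
}
```

Every check runs before the byte it guards is read, so a malformed record is rejected without touching memory outside `buf`.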
**Recommendations**
For version 4.4.2, consider avoiding the use of crafted ISO 9660 images until a patch is available. As a temporary workaround, restrict access to the `iso9660_proc_dir()` function in `tsk/fs/iso9660_dent.c` to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this issue.