
Mobasi

#19810 of 53,625
13.2 Total CVSS
Vulnerabilities · 2
Medium: 1
High: 1
PT-2026-31461
7.1
2026-04-08
Unknown · The Sleuth Kit · CVE-2026-40024
Name of the Vulnerable Software and Affected Versions
The Sleuth Kit versions through 4.14.0

Description
The Sleuth Kit's `tsk_recover` component contains a path traversal flaw. Filenames or directory paths inside a filesystem image can carry path traversal sequences, and `tsk_recover` uses them when it writes recovered files. A crafted image with embedded `/../` sequences in filenames therefore causes files to be written outside the intended recovery (output) directory when it is processed, potentially leading to code execution by overwriting system files such as shell configurations or cron entries.

Recommendations
Update The Sleuth Kit to a version later than 4.14.0.
PT-2026-31462
6.1
2026-04-08
Unknown · The Sleuth Kit · CVE-2026-40025
Name of the Vulnerable Software and Affected Versions
The Sleuth Kit versions through 4.14.0

Description
The Sleuth Kit contains a flaw in the APFS filesystem keybag parser. The `wrapped key parser` class does not properly validate length fields, leading to potential out-of-bounds reads when processing attacker-controlled data. This can result in information disclosure or application crashes when handling malicious APFS disk images.

Recommendations
Update to a version beyond 4.14.0.
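
For the path traversal entry above (CVE-2026-40024), the check a recovery tool needs before writing an image-supplied name under its output directory looks like the following. This is an added example, not code from The Sleuth Kit or its fix; `safe_join`, the `/cases/out` directory and the sample names are hypothetical, and the check is lexical only (it does not resolve symlinks).

```c
#include <stdio.h>
#include <string.h>

/* Join an image-supplied name onto outdir, refusing any ".." component.
 * Returns 0 on success, -1 if rejected or if out is too small; on failure
 * the contents of out are unspecified. Hypothetical helper: lexical check
 * only, it does not resolve symlinks that already exist under outdir. */
int safe_join(const char *outdir, const char *name, char *out, size_t outlen)
{
    size_t used = strlen(outdir);
    size_t kept = 0;

    if (used == 0 || used >= outlen)
        return -1;
    memcpy(out, outdir, used + 1);

    const char *p = name;
    while (*p) {
        size_t len = strcspn(p, "/");       /* length of this component */
        if (len == 2 && p[0] == '.' && p[1] == '.')
            return -1;                      /* traversal component */
        if (len > 0 && !(len == 1 && p[0] == '.')) {
            if (used + 1 + len >= outlen)
                return -1;                  /* '/' + component + NUL must fit */
            out[used++] = '/';
            memcpy(out + used, p, len);
            used += len;
            out[used] = '\0';
            kept++;
        }
        p += len;
        if (*p == '/')
            p++;                            /* also drops a leading '/' */
    }
    return kept > 0 ? 0 : -1;               /* no usable component at all */
}

int main(void)
{
    /* Constructed sample names, as a crafted image might supply them. */
    const char *names[] = { "docs/report.txt", "a/../../etc/cron.d/x",
                            "/abs/file", "..", "./b//c" };
    char buf[256];
    for (size_t i = 0; i < sizeof names / sizeof names[0]; i++) {
        int rc = safe_join("/cases/out", names[i], buf, sizeof buf);
        printf("%-24s -> %s\n", names[i], rc == 0 ? buf : "REJECTED");
    }
    return 0;
}
```

Running recovery as an unprivileged user into a dedicated directory limits the damage if such a check is missing in the tool being used.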