Denial of Service Vulnerability in The Sleuth Kit by Sleuth Kit Developers
CVE-2017-13760

5.5MEDIUM

Key Information:

Vendor: Sleuthkit
Status: The Sleuth Kit
Vendor: CVE Published:; 29 August 2017

What is CVE-2017-13760?

A vulnerability exists in The Sleuth Kit version 4.4.2, where the 'fls' utility hangs indefinitely when processing a corrupt exFAT image. This issue arises during the execution of the tsk_img_read() function within libtskimg.a, which prevents forensic analysts from effectively utilizing the tool on compromised exFAT files. The inability to recover data or analyze file systems can impact investigations significantly.

References

https://github.com/sleuthkit/sleuthkit/issues/906

x_refsource_MISC

https://lists.debian.org/debian-lts-announce/2022/06/msg0...

mailing-listx_refsource_MLIST

CVSS V3.1

Score:

5.5

Severity:

MEDIUM

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Aug 29, 2017
Vulnerability Reserved
Aug 29, 2017

CVE-2017-13760 Data

JSON

Sleuthkit

What is CVE-2017-13760?

References

CVSS V3.1

Timeline