Stack Buffer Overflow Vulnerability in YAFFS File Timestamp Parsing Logic in The Sleuth Kit (TSK)

Stack Buffer Overflow Vulnerability in YAFFS File Timestamp Parsing Logic in The Sleuth Kit (TSK)

CVE-2020-10232 · CRITICAL Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

In version 4.8.0 and earlier of The Sleuth Kit (TSK), there is a stack buffer overflow vulnerability in the YAFFS file timestamp parsing logic in yaffsfs_istat() in fs/yaffs.c.

Learn more about our Web Application Penetration Testing UK.