Description
An out-of-bounds read in the ext4_ext_binsearch_idx function in src/ext4_extent.c of the lwext4 1.0.0 library allows attackers to cause a denial of service by supplying a specially crafted ext4 filesystem image. The vulnerability occurs due to insufficient validation of extent header fields before performing a binary search over extent index entries, which can result in invalid pointer calculations and an out-of-bounds memory read during extent tree traversal.
Published: 2026-06-03
Score: n/a
EPSS: n/a
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

An out-of-bounds read is triggered in the ext4_ext_binsearch_idx function of the lwext4 1.0.0 library when parsing an ext4 filesystem image. The vulnerability stems from insufficient validation of extent header fields before performing a binary search over extent index entries, which can cause invalid pointer calculations and a memory read outside the extent tree bounds. This out-of-bounds read may crash the library and render any dependent application unusable, leading to a denial-of-service scenario.

Affected Systems

The affected component is the lwext4 lightweight ext4 implementation, version 1.0.0, used in embedded and specialized systems that rely on external ext4 images. No vendor is listed in the CNA data, but any deployment that incorporates the open‑source library and accepts untrusted filesystem images is potentially vulnerable.

Risk and Exploitability

Exploitation requires an attacker to supply a crafted ext4 filesystem image and have the vulnerable library parse it, reaching the faulty code path. There is no remote code execution or privilege escalation, but the crash can halt device functions or services. The EPSS score is unavailable and the issue is not listed in CISA KEV, indicating no widely cited exploitation yet. However, because the failure occurs in the core filesystem parser, the impact can be severe within affected environments, and the likelihood of exploitation is uncertain pending real-world attack evidence.

Generated by OpenCVE AI on June 3, 2026 at 15:24 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Upgrade the lwext4 library to a patched release once it becomes available (e.g., version 1.0.1 or later).
  • If an upgrade cannot be performed immediately, avoid mounting or processing user‑provided ext4 images until they are validated and sanitized.
  • Add integrity checks or cryptographic signatures to filesystem images to detect tampering before handing them to lwext4.
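As an added example (not lwext4's code and not part of the OpenCVE record), the kind of extent header validation the description says is missing, written in C against the standard ext4 on-disk extent layout: a 12-byte little-endian header (eh_magic, eh_entries, eh_max, eh_depth, eh_generation) followed by 12-byte entries. The check rejects a wrong magic, eh_entries greater than eh_max, an implausible depth, and an eh_max whose entries would not fit in the node buffer; the index binary search runs only after that check, so every entry read stays inside the buffer. The function names, return codes, and the constructed test node are assumptions of this example.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

/* Added example, not lwext4 code. Layout is the standard ext4 extent node:
 * 12-byte header, then 12-byte entries (index entries when depth > 0). */
#define EXT_MAGIC        0xF30Au
#define EXT_HEADER_SIZE  12u
#define EXT_ENTRY_SIZE   12u
#define EXT_MAX_DEPTH    5u   /* ext4 caps extent tree depth at 5 */

struct ext_header {
    uint16_t magic, entries, max, depth;
    uint32_t generation;
};

static uint16_t rd16(const uint8_t *p) { return (uint16_t)(p[0] | (p[1] << 8)); }
static uint32_t rd32(const uint8_t *p) { return (uint32_t)rd16(p) | ((uint32_t)rd16(p + 2) << 16); }
static void wr16(uint8_t *p, uint16_t v) { p[0] = (uint8_t)v; p[1] = (uint8_t)(v >> 8); }
static void wr32(uint8_t *p, uint32_t v) { wr16(p, (uint16_t)v); wr16(p + 2, (uint16_t)(v >> 16)); }

/* Validate the header of an extent node held in buf[0..len) before any entry
 * pointer is formed. Returns 0 on success or a negative code naming the
 * failed check (codes are this example's own convention). */
int ext_header_check(const uint8_t *buf, size_t len, struct ext_header *out)
{
    if (buf == NULL || len < EXT_HEADER_SIZE) return -1;          /* header itself would be out of bounds */
    struct ext_header h = { rd16(buf), rd16(buf + 2), rd16(buf + 4), rd16(buf + 6), rd32(buf + 8) };
    if (h.magic != EXT_MAGIC) return -2;                           /* not an extent node */
    if (h.entries > h.max) return -3;                              /* more entries than declared capacity */
    if (h.depth > EXT_MAX_DEPTH) return -4;                        /* absurd depth, unbounded traversal */
    if (h.max > (len - EXT_HEADER_SIZE) / EXT_ENTRY_SIZE) return -5; /* entries would run past the buffer */
    if (out) *out = h;
    return 0;
}

/* Binary search over index entries for the last index whose ei_block <= lblk
 * (the usual ext4 idx search shape), performed only after the header passed
 * validation. Returns the entry position, or -1 if the node is invalid, is a
 * leaf (depth == 0), or has no entries. */
int ext_idx_search(const uint8_t *buf, size_t len, uint32_t lblk)
{
    struct ext_header h;
    if (ext_header_check(buf, len, &h) != 0 || h.depth == 0 || h.entries == 0) return -1;
    const uint8_t *first = buf + EXT_HEADER_SIZE;
    int lo = 1, hi = (int)h.entries - 1;   /* entry 0 is the floor of the search */
    while (lo <= hi) {
        int mid = lo + (hi - lo) / 2;
        /* mid < entries <= max, and max entries fit in len, so this read is in bounds */
        if (lblk < rd32(first + (size_t)mid * EXT_ENTRY_SIZE)) hi = mid - 1;
        else lo = mid + 1;
    }
    return lo - 1;
}

/* Build a constructed extent index node for demonstration (ei_block of each
 * entry taken from first_blocks). Returns 0, or -1 if buf cannot hold it. */
int ext_build_node(uint8_t *buf, size_t len, uint16_t entries, uint16_t max,
                   uint16_t depth, const uint32_t *first_blocks)
{
    if (len < EXT_HEADER_SIZE + (size_t)entries * EXT_ENTRY_SIZE) return -1;
    memset(buf, 0, len);
    wr16(buf, EXT_MAGIC); wr16(buf + 2, entries); wr16(buf + 4, max); wr16(buf + 6, depth);
    for (uint16_t i = 0; i < entries; i++)
        wr32(buf + EXT_HEADER_SIZE + (size_t)i * EXT_ENTRY_SIZE, first_blocks[i]);
    return 0;
}

/* Demo: a well-formed node searches correctly; a node whose eh_max claims more
 * entries than the buffer holds is rejected before any entry is read. */
int ext_demo_ok(void)
{
    uint8_t buf[64];
    const uint32_t blocks[3] = { 0, 100, 200 };       /* constructed ei_block values */
    if (ext_build_node(buf, sizeof buf, 3, 4, 1, blocks) != 0) return 0;
    if (ext_idx_search(buf, sizeof buf, 150) != 1) return 0;
    if (ext_build_node(buf, sizeof buf, 3, 1000, 1, blocks) != 0) return 0;  /* oversized eh_max */
    if (ext_header_check(buf, sizeof buf, NULL) != -5) return 0;
    if (ext_idx_search(buf, sizeof buf, 150) != -1) return 0;
    return 1;
}
```

The capacity check is the one that matters for the bug class here: eh_entries and eh_max are attacker-controlled 16-bit fields, so without comparing eh_max against the node size the search can compute entry addresses well beyond the block that was read from the image.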

Tracking

Advisories

No advisories yet.

History

Wed, 03 Jun 2026 15:45:00 +0000

Type | Values Removed | Values Added
Title | (none) | Denial of Service via Out-of-Bounds Read in lwext4 Ext4 Parser
First Time appeared | (none) | Gkostka; Gkostka lwext4
Weaknesses | (none) | CWE-787
Vendors & Products | (none) | Gkostka; Gkostka lwext4

Wed, 03 Jun 2026 14:15:00 +0000

Type | Values Removed | Values Added
Description | (none) | An out-of-bounds read in the ext4_ext_binsearch_idx function in src/ext4_extent.c of the lwext4 1.0.0 library allows attackers to cause a denial of service by supplying a specially crafted ext4 filesystem image. The vulnerability occurs due to insufficient validation of extent header fields before performing a binary search over extent index entries, which can result in invalid pointer calculations and an out-of-bounds memory read during extent tree traversal.
References

MITRE

Status: PUBLISHED

Assigner: mitre

Published:

Updated: 2026-06-03T13:56:26.675Z

Reserved: 2026-01-09T00:00:00.000Z

Link: CVE-2025-70101

Vulnrichment

No data.

NVD

Status: Received

Published: 2026-06-03T14:16:31.340

Modified: 2026-06-03T14:16:31.340

Link: CVE-2025-70101

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-06-03T15:30:26Z

Weaknesses