Description
A security vulnerability has been detected in npitre cramfs-tools up to 2.1. Affected is the function do_directory of the file cramfsck.c of the component Directory Handler. Such manipulation leads to path traversal. The attack can only be performed from a local environment. The exploit has been disclosed publicly and may be used. Upgrading to version 2.2 is able to address this issue. The name of the patch is 2fc492747115b24d8a07eddd27a2d45229cb273c. Upgrading the affected component is recommended.
Published: 2026-05-11
Score: 4.8 Medium
EPSS: < 1% Very Low
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

The do_directory function in cramfsck.c of npitre cramfs-tools allows a local attacker to construct file names that escape the intended directory boundaries, resulting in a path traversal vulnerability (CWE-22). This flaw permits reading or creating arbitrary files relative to the working directory, potentially exposing sensitive data or permitting the attacker to write malicious files, respectively. The vulnerability was discovered in versions up to 2.1 and has been publicly disclosed through a patch identified by commit 2fc492747115b24d8a07eddd27a2d45229cb273c.

Affected Systems

Versions of npitre cramfs-tools up to 2.1 are affected. Upgrading to the released 2.2 version fully resolves the issue. Prior to the update, any non-privileged local user with access to cramfsck could navigate outside the expected directory structure.

Risk and Exploitability

The CVSS score of 4.8 indicates a moderate risk, and no EPSS score is published, so the likelihood of exploitation remains uncertain but possible in environments where local access to cramfs-tools is available. It is not included in the CISA KEV catalog, which suggests no widespread known exploitation. Nevertheless, because the flaw is local, administrators who provide shell or command‑line access to users that can invoke cramfsck should evaluate their trust boundaries or mitigate with the available patch.

Generated by OpenCVE AI on May 11, 2026 at 06:50 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Upgrade npitre cramfs-tools to version 2.2 from the official repository, which includes the security patch commit 2fc492747115b24d8a07eddd27a2d45229cb273c.
  • Restrict local execution of cramfsck to privileged or trusted users by adjusting file permissions or utilizing sudoers to limit who can run the utility.
  • If an immediate upgrade is not feasible, relocate the cramfsck binary to a directory with restricted access and ensure it runs with minimal privileges, or employ sandboxing techniques to prevent arbitrary file manipulation.

Advisories

No advisories yet.

History

Mon, 11 May 2026 17:00:00 +0000

Type | Values Removed | Values Added
First Time appeared | | Npitre; Npitre cramfs-tools
Vendors & Products | | Npitre; Npitre cramfs-tools

Mon, 11 May 2026 15:15:00 +0000

Type | Values Removed | Values Added
Metrics | | ssvc {'options': {'Automatable': 'no', 'Exploitation': 'poc', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


Mon, 11 May 2026 05:00:00 +0000

Type | Values Removed | Values Added
Description | | A security vulnerability has been detected in npitre cramfs-tools up to 2.1. Affected is the function do_directory of the file cramfsck.c of the component Directory Handler. Such manipulation leads to path traversal. The attack can only be performed from a local environment. The exploit has been disclosed publicly and may be used. Upgrading to version 2.2 is able to address this issue. The name of the patch is 2fc492747115b24d8a07eddd27a2d45229cb273c. Upgrading the affected component is recommended.
Title | | npitre cramfs-tools Directory cramfsck.c do_directory path traversal
Weaknesses | | CWE-22
References | |
Metrics | | cvssV2_0 {'score': 4.3, 'vector': 'AV:L/AC:L/Au:S/C:P/I:P/A:P/E:POC/RL:OF/RC:C'}
Metrics | | cvssV3_0 {'score': 5.3, 'vector': 'CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:O/RC:C'}
Metrics | | cvssV3_1 {'score': 5.3, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:O/RC:C'}
Metrics | | cvssV4_0 {'score': 4.8, 'vector': 'CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P'}


MITRE

Status: PUBLISHED

Assigner: VulDB

Published:

Updated: 2026-05-11T13:59:40.266Z

Reserved: 2026-05-10T15:58:40.236Z

Link: CVE-2026-8274

Vulnrichment

Updated: 2026-05-11T13:59:36.706Z

NVD

Status: Received

Published: 2026-05-11T05:16:16.580

Modified: 2026-05-11T05:16:16.580

Link: CVE-2026-8274

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-05-11T16:10:53Z
