Description
A vulnerability was detected in npitre cramfs-tools up to 2.2. Affected is the function change_file_status of the file cramfsck.c. Performing a manipulation results in symlink following. The attack requires a local approach. The exploit is now public and may be used. The patch is named b4a3a695c9873f824907bd15659f2a6ac7667b4f. It is recommended to apply a patch to fix this issue.
Published: 2026-05-18
Score: 4.6 Medium
EPSS: n/a
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

The flaw lies in the change_file_status function of cramfsck.c, which can be engineered by a local attacker to follow a symlink and access or overwrite files outside the expected directory structure. This attack enables the attacker to read or modify unintended files, compromising data integrity and confidentiality, but it does not provide remote code execution or privilege escalation.

Affected Systems

The vulnerability affects npitre cramfs-tools releases up to and including version 2.2. Any build within that range that contains the described function is potentially vulnerable; no further version granularity is provided in the CNA data.

Risk and Exploitability

With a CVSS score of 4.6 the issue is of moderate severity. The EPSS value is unavailable, so the likelihood of exploitation is unknown, and the vulnerability is not listed in CISA KEV. Exploitation requires local access and the ability to run the program with sufficient rights to alter the target filesystem. If exploited, it may lead to unauthorized file reads or writes, but the attacker cannot gain code execution or elevate privileges.

Generated by OpenCVE AI on May 18, 2026 at 04:50 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Upgrade cramfs-tools to the patched version using commit b4a3a695c9873f824907bd15659f2a6ac7667b4f or any later release that contains the fix.
  • If an immediate upgrade is not possible, limit execution of cramfsck or other cramfs-tools utilities to trusted administrators and avoid running them on untrusted or externally mounted filesystems.
  • Audit any services or scripts that invoke cramfsck to ensure they run with the least privilege necessary and are not exposed to arbitrary input from insecure sources.

Generated by OpenCVE AI on May 18, 2026 at 04:50 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Mon, 18 May 2026 03:30:00 +0000

Type Values Removed Values Added
Description A vulnerability was detected in npitre cramfs-tools up to 2.2. Affected is the function change_file_status of the file cramfsck.c. Performing a manipulation results in symlink following. The attack requires a local approach. The exploit is now public and may be used. The patch is named b4a3a695c9873f824907bd15659f2a6ac7667b4f. It is recommended to apply a patch to fix this issue.
Title npitre cramfs-tools cramfsck.c change_file_status symlink
First Time appeared Npitre
Npitre cramfs-tools
Weaknesses CWE-59
CWE-61
CPEs cpe:2.3:a:npitre:cramfs-tools:*:*:*:*:*:*:*:*
Vendors & Products Npitre
Npitre cramfs-tools
References
Metrics cvssV2_0

{'score': 4, 'vector': 'AV:L/AC:L/Au:M/C:P/I:P/A:P/E:POC/RL:OF/RC:C'}

cvssV3_0

{'score': 4.2, 'vector': 'CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L/E:P/RL:O/RC:C'}

cvssV3_1

{'score': 4.2, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L/E:P/RL:O/RC:C'}

cvssV4_0

{'score': 4.6, 'vector': 'CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P'}

Subscriptions

Npitre Cramfs-tools
cve-icon MITRE

Status: PUBLISHED

Assigner: VulDB

Published:

Updated: 2026-05-18T02:30:13.275Z

Reserved: 2026-05-17T09:59:14.863Z

Link: CVE-2026-8784

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Received

Published: 2026-05-18T04:16:34.247

Modified: 2026-05-18T04:16:34.247

Link: CVE-2026-8784

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-05-18T05:00:13Z

Weaknesses