A vulnerability has been reported in inotify-tools, which can potentially be exploited by malicious users to compromise an application using the library.
The vulnerability is caused due to a boundary error within the "inotifytools_snprintf()" function in src/inotifytools.c. This can be exploited to cause a buffer overflow by e.g. creating a file with an overly long filename in a specific directory.
Successful exploitation may allow the execution of arbitrary code with privileges of the application using the affected library.
NOTE: The programs shipped with inotify-tools are reportedly not affected.
The vulnerability is reported in versions prior to 3.11.
Do you have additional information related to this advisory?
Please provide information about patches, mitigating factors, new versions, exploits, faulty patches, links, and other relevant data by posting comments to this Advisory. You can also send this
information to firstname.lastname@example.org