By vendor
Gkostka vulnerabilities
Known CVEs affecting Gkostka products, prioritized by severity, with SEC.co remediation and detection guidance.
2 published vulnerabilities
- CVE-2025-70101MEDIUM 6.5
CVE-2025-70101 is a memory safety flaw in the lwext4 library, a lightweight ext4 filesystem implementation. When processing a specially crafted ext4 disk image, the library can read past the end of allocated memory due to missing validation checks. An attacker who tricks a user into opening a malicious filesystem image can trigger this out-of-bounds read, causing the application to crash. This is primarily a denial-of-service risk rather than a gateway to data theft or system compromise.
- CVE-2025-70100MEDIUM 5.5
CVE-2025-70100 is a denial-of-service vulnerability in lwext4, a lightweight ext4 filesystem library. An attacker can craft a malicious ext4 filesystem image containing a zero logical block size that crashes any application using lwext4 to mount or process the image. The library fails to validate the block size parameter before performing arithmetic operations, leading to a divide-by-zero condition. While this vulnerability cannot be exploited for data theft or system compromise, it can disrupt services that depend on lwext4 for filesystem operations, such as embedded systems, recovery tools, or specialized storage applications.