CVE-2026-40026
Out-of-Bounds Read and Infinite Loop in Sleuth Kit ISO9660 Parser
Publication date: 2026-04-08
Last updated on: 2026-04-17
Assigner: VulnCheck
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| sleuthkit | the_sleuth_kit | to 4.14.0 (exc) |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-125 | The product reads data past the end, or before the beginning, of the intended buffer. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability exists in The Sleuth Kit through version 4.14.0 within its ISO9660 filesystem parser. Specifically, the parse_susp() function improperly trusts certain length fields (len_id, len_des, and len_src) from a disk image and uses memcpy to copy data into a stack buffer without verifying that the source data is actually within the bounds of the parsed SUSP block.
An attacker can exploit this by crafting a malicious ISO image that causes the program to read beyond the end of the SUSP data buffer. Additionally, a zero-length SUSP entry can cause the parser to enter an infinite loop.
How can this vulnerability impact me? :
The vulnerability can lead to out-of-bounds reads, which may cause the application to crash or behave unpredictably, resulting in a denial of service (DoS). The infinite parsing loop triggered by a zero-length SUSP entry can also cause the application to hang, further contributing to DoS conditions.
The CVSS scores indicate a low to medium severity impact, with limited confidentiality impact, no integrity impact, and some availability impact.