Chan Fatfs

7 CVEs affecting Chan Fatfs. Latest disclosed: 2026-07-01. Critical: 0, High: 3.

Top CVEs affecting Chan Fatfs
CVE | Severity | Score | Published | Summary
CVE-2026-6688 | High | 7.6 | 2026-07-01 | FatFs R0.16 and earlier contains a downstream-caller vulnerability pattern associated with FatFs long filename handling. With LFN enabled, fno.fname can be up…
CVE-2026-6687 | High | 7.6 | 2026-07-01 | FatFs R0.16 and earlier contains a stack overflow bug in f_getlabel() because exFAT label length (XDIR_NumLabel) is trusted without enforcing spec maximums. Th…
CVE-2026-6682 | High | 7.6 | 2026-07-01 | FatFs R0.16 and earlier contains a FAT32 integer overflow bug in mount_volume() where fasize *= fs->n_fats can wrap, leading to attacker-controlled file-siz…
CVE-2026-6685 | Medium | 6.1 | 2026-07-01 | FatFs R0.16 and earlier exhibits a stale dirty-cache skip via unsigned-subtraction wrap in f_read() / f_write() (fp->sect - sect < cc) during interleaved read/…
CVE-2026-6686 | Medium | 4.6 | 2026-07-01 | FatFs R0.16 and earlier contains an uninitialized cluster exposure when f_lseek() extends files beyond EOF without zero-filling newly allocated clusters. This…
CVE-2026-6684 | Medium | 4.6 | 2026-07-01 | FatFs prior to R0.16 that use GPT scanning with 'FF_LBA64 = 1' contains an issue where an unbounded loop count derived from GPT header field GPTH_PtNum, enabli…
CVE-2026-6683 | Medium | 4.6 | 2026-07-01 | FatFs R0.16 and earlier contains a divide-by-zero bug in exFAT sync logic when crafted metadata causes n_fatent - 2 to be zero during write/sync operations. Th…