
Sleuth Kit ISO9660 Parser Reads Beyond Disk Data

CVE-2026-40026
Summary

A maliciously crafted ISO image can make the Sleuth Kit's ISO9660 parser read past the end of the SUSP data it has parsed, potentially exposing adjacent memory, and a zero-length SUSP entry can make the parser loop forever. This affects anyone who processes untrusted disk images with the Sleuth Kit, in particular forensic analysts who open attacker-supplied evidence. Versions through 4.14.0 are affected; update to a release that fixes this problem.

Original title
The Sleuth Kit through 4.14.0 contains an out-of-bounds read vulnerability in the ISO9660 filesystem parser where the parse_susp() function trusts len_id, len_des, and len_src fields from the disk ...
Original description
The Sleuth Kit through 4.14.0 contains an out-of-bounds read vulnerability in the ISO9660 filesystem parser where the parse_susp() function trusts len_id, len_des, and len_src fields from the disk image to memcpy data into a stack buffer without verifying that the source data falls within the parsed SUSP block. An attacker can craft a malicious ISO image that causes reads past the end of the SUSP data buffer, and a zero-length SUSP entry can trigger an infinite parsing loop.
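The following is an added example, not Sleuth Kit code, showing what a bounds-checked SUSP walker looks like for the two failure modes the description names: an ER entry whose len_id, len_des and len_src fields exceed the entry, and a zero-length entry that never advances the parse offset. The ER layout (signature, length, version, then len_id, len_des, len_src, ext_ver, followed by the three counted strings) follows the Rock Ridge specification; the 32-byte string buffers, the status codes and the three sample SUSP areas are constructed for this example.

```c
/*
 * Added example (not Sleuth Kit code): a bounds-checked walker for an
 * ISO9660 System Use (SUSP) area. Every length taken from the image is
 * checked against the enclosing block before it is used as a memcpy size.
 */
#include <stdint.h>
#include <stddef.h>
#include <string.h>
#include <stdio.h>

#define SUSP_HDR_LEN 4   /* sig[2], len, version */
#define ER_FIXED_LEN 8   /* header + len_id, len_des, len_src, ext_ver */
#define ER_MAX_STR  32   /* stack buffer per ER string (assumed size) */

enum susp_status {
    SUSP_ERR_SHORT_ENTRY    = -1, /* len < 4: would spin forever */
    SUSP_ERR_ENTRY_OVERFLOW = -2, /* entry extends past the SUSP block */
    SUSP_ERR_ER_OVERFLOW    = -3  /* len_id+len_des+len_src exceed the entry */
};

struct er_info {
    char id[ER_MAX_STR], des[ER_MAX_STR], src[ER_MAX_STR];
    uint8_t ext_ver;
};

/* Copy at most cap-1 bytes of a counted string and NUL-terminate it. */
static void copy_str(char *dst, size_t cap, const uint8_t *src, size_t n) {
    if (n >= cap) n = cap - 1;
    memcpy(dst, src, n);
    dst[n] = '\0';
}

/* Walk buf[0..len). Returns the number of entries consumed (>= 0) or a
 * negative susp_status. Sets *found_er and fills *er if an ER entry is seen. */
int parse_susp(const uint8_t *buf, size_t len, struct er_info *er, int *found_er) {
    size_t off = 0;
    int count = 0;
    *found_er = 0;
    while (off + SUSP_HDR_LEN <= len) {
        const uint8_t *e = buf + off;
        size_t elen = e[2];
        if (elen < SUSP_HDR_LEN)          /* zero/short length: reject, don't loop */
            return SUSP_ERR_SHORT_ENTRY;
        if (elen > len - off)             /* whole entry must lie inside the block */
            return SUSP_ERR_ENTRY_OVERFLOW;
        if (e[0] == 'S' && e[1] == 'T')   /* ST terminates the area */
            return count + 1;
        if (e[0] == 'E' && e[1] == 'R') {
            if (elen < ER_FIXED_LEN)
                return SUSP_ERR_ER_OVERFLOW;
            size_t len_id = e[4], len_des = e[5], len_src = e[6];
            /* The missing check from the advisory: the three counted strings
             * must fit inside this entry before any of them is copied. */
            if (len_id + len_des + len_src > elen - ER_FIXED_LEN)
                return SUSP_ERR_ER_OVERFLOW;
            const uint8_t *p = e + ER_FIXED_LEN;
            copy_str(er->id,  sizeof er->id,  p, len_id);
            copy_str(er->des, sizeof er->des, p + len_id, len_des);
            copy_str(er->src, sizeof er->src, p + len_id + len_des, len_src);
            er->ext_ver = e[7];
            *found_er = 1;
        }
        off += elen;
        count++;
    }
    return count;
}

/* Constructed samples: SP, a well-formed ER ("RRIP_1991A"), ST. */
const uint8_t SAMPLE_OK[] = {
    'S','P',7,1,0xBE,0xEF,0,
    'E','R',22,1, 10,2,2,1, 'R','R','I','P','_','1','9','9','1','A', 'R','R', 'R','R',
    'S','T',4,1 };
/* Same ER entry but len_src = 0xFF: a trusting memcpy would read far past it. */
const uint8_t SAMPLE_ER_OVERFLOW[] = {
    'E','R',22,1, 10,2,0xFF,1, 'R','R','I','P','_','1','9','9','1','A', 'R','R', 'R','R',
    'S','T',4,1 };
/* A PX entry whose length byte is zero: a naive loop never advances. */
const uint8_t SAMPLE_ZERO_LEN[] = { 'S','P',7,1,0xBE,0xEF,0, 'P','X',0,1,0,0,0,0 };

int demo_benign_entries(void) {
    struct er_info er; int f;
    return parse_susp(SAMPLE_OK, sizeof SAMPLE_OK, &er, &f);
}
int demo_benign_has_rrip(void) {
    struct er_info er; int f;
    parse_susp(SAMPLE_OK, sizeof SAMPLE_OK, &er, &f);
    return f && strcmp(er.id, "RRIP_1991A") == 0 && er.ext_ver == 1;
}
int demo_er_overflow(void) {
    struct er_info er; int f;
    return parse_susp(SAMPLE_ER_OVERFLOW, sizeof SAMPLE_ER_OVERFLOW, &er, &f);
}
int demo_zero_length(void) {
    struct er_info er; int f;
    return parse_susp(SAMPLE_ZERO_LEN, sizeof SAMPLE_ZERO_LEN, &er, &f);
}

int main(void) {
    printf("benign: %d entries, RRIP found: %d\n", demo_benign_entries(), demo_benign_has_rrip());
    printf("oversized len_src: %d\n", demo_er_overflow());
    printf("zero-length entry: %d\n", demo_zero_length());
    return 0;
}
```

The two checks that matter are the ones on `elen`: a length below the four-byte header is rejected rather than used to advance the offset, and an entry is only dereferenced once it is known to end inside the block. The ER-specific check then compares the sum of the three counted lengths against the bytes actually remaining in that entry, which is the comparison the description says the affected parse_susp() omits.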
NVD CVSS 3.1: 4.4
NVD CVSS 4.0: 4.8
Vulnerability type
CWE-125 Out-of-bounds Read
Published: 8 Apr 2026 · Updated: 10 Apr 2026 · First seen: 8 Apr 2026