CVE-2025-70100EPSS p7.0%

CVE-2025-70100CVE-2025-70100

gkostka / lwext4

Description

A divide-by-zero vulnerability in the ext4_block_set_lb_size function in src/ext4_blockdev.c of the lwext4 1.0.0 library allows attackers to cause a denial of service by providing a malformed ext4 filesystem image that results in a zero logical block size. The vulnerability is triggered during mount or image processing and leads to a Floating-Point Exception (FPE) under sanitizers or a runtime crash in standard builds due to missing validation of lb_size.

Scoring

CVSS 5.5 ()
VectorCVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
EPSS0.17% probability of exploitation · percentile 7.0% · 2026-06-19T12:03:05Z
Last modified2026-06-05

Related by meaning· 6

Nearest entities by semantic similarity across the cs-graph corpus.

CVE
CVE-2025-70101
CVE
CVE-2025-70099
CVE
CVE-2025-14512
CVE
CVE-2025-47372
CVE
CVE-2025-7039
CVE
CVE-2025-38626
Sourced from NVD + FIRST.org EPSS. Curated for EU compliance use cases by Adam Lundqvist, Founder at SQUR.