{"id":"CVE-2018-11738","details":"An issue was discovered in libtskfs.a in The Sleuth Kit (TSK) from release 4.0.2 through to 4.6.1. An out-of-bounds read of a memory region was found in the function ntfs_make_data_run in tsk/fs/ntfs.c which could be leveraged by an attacker to disclose information or manipulated to read from unmapped memory causing a denial of service attack.","modified":"2026-04-10T04:04:39.095255Z","published":"2018-06-05T11:29:00.383Z","related":["MGASA-2018-0368"],"references":[{"type":"FIX","url":"https://github.com/sleuthkit/sleuthkit/issues/1265"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/sleuthkit/sleuthkit","events":[{"introduced":"9b776576aa6a1fbf328e82fd7cb6b428179de016"},{"last_affected":"777f36e02347f4383e1e550cc9b92b19966bf3c3"}],"database_specific":{"versions":[{"introduced":"4.0.2"},{"last_affected":"4.6.1"}]}}],"versions":["sleuthkit-4.0.2","sleuthkit-4.6.1"],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2018-11738.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H"}]}