Analysis and contextual insights are available on OpenCVE Cloud.
No vendor fix or workaround currently provided.
Additional remediation guidance may be available on OpenCVE Cloud.
Tracking
Sign in to view the affected projects.
No advisories yet.
No reference.
Thu, 16 Jul 2026 21:30:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Title | FatFs Integer Underflow in Dirty-Sector Cache Flush | |
| References |
|
|
| Metrics |
ssvc
|
Thu, 16 Jul 2026 20:30:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Description | FatFs R0.16 and earlier exhibits a stale dirty-cache skip via unsigned-subtraction wrap in f_read() / f_write() (fp->sect - sect < cc) during interleaved read/write on fragmented filesystems. This maps to CWE-191 (Integer Underflow). Estimated CVSS v3.1 vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H (6.1, Medium). The estimated CISA SSVC vectors are Exploitation: PoC, Technical Impact: Total. Note that this issue has been disputed by the Supplier. It will be rejected shortly. | This CVE ID has been rejected or withdrawn by its CVE Numbering Authority following a notification that the vulnerability determination was made in error. After review, the CNA confirmed the erroneous finding. Thanks to David Brown for reaching out about this issue. |
| Weaknesses | CWE-191 | |
| References |
|
|
| Metrics |
cvssV3_1
|
Thu, 16 Jul 2026 19:15:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Description | FatFs R0.16 and earlier exhibits a stale dirty-cache skip via unsigned-subtraction wrap in f_read() / f_write() (fp->sect - sect < cc) during interleaved read/write on fragmented filesystems. This maps to CWE-191 (Integer Underflow). Estimated CVSS v3.1 vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H (6.1, Medium). The estimated CISA SSVC vectors are Exploitation: PoC, Technical Impact: Total. | FatFs R0.16 and earlier exhibits a stale dirty-cache skip via unsigned-subtraction wrap in f_read() / f_write() (fp->sect - sect < cc) during interleaved read/write on fragmented filesystems. This maps to CWE-191 (Integer Underflow). Estimated CVSS v3.1 vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H (6.1, Medium). The estimated CISA SSVC vectors are Exploitation: PoC, Technical Impact: Total. Note that this issue has been disputed by the Supplier. It will be rejected shortly. |
Mon, 06 Jul 2026 23:15:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| First Time appeared |
Chan
Chan fatfs |
|
| Vendors & Products |
Chan
Chan fatfs |
Wed, 01 Jul 2026 16:30:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Metrics |
ssvc
|
Wed, 01 Jul 2026 14:30:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Description | FatFs R0.16 and earlier exhibits a stale dirty-cache skip via unsigned-subtraction wrap in f_read() / f_write() (fp->sect - sect < cc) during interleaved read/write on fragmented filesystems. This maps to CWE-191 (Integer Underflow). Estimated CVSS v3.1 vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H (6.1, Medium). The estimated CISA SSVC vectors are Exploitation: PoC, Technical Impact: Total. | |
| Title | FatFs Integer Underflow in Dirty-Sector Cache Flush | |
| Weaknesses | CWE-191 | |
| References |
| |
| Metrics |
cvssV3_1
|
Status: REJECTED
Assigner: runZero
Published:
Updated: 2026-07-16T20:11:12.305Z
Reserved: 2026-04-20T15:06:21.250Z
Link: CVE-2026-6685
Updated:
No data.
No data.
OpenCVE Enrichment
Updated: 2026-07-14T19:00:04Z
No weakness.