Lucene search
K

61 matches found

BDU FSTEC
BDU FSTEC
added 2021/12/17 12:0 a.m.7 views

The vulnerability of the F2fs-Tools utility, related to writing outside of the memory boundaries, allows a hacker to execute arbitrary code.

The vulnerability of the F2fs-Tools tool is related to writing beyond the memory boundaries. Exploiting this vulnerability could allow a hacker to execute arbitrary code using a specially created file system called f2fs...

6.8CVSS7.7AI score0.02121EPSS
Exploits1References4Affected Software1
Positive Technologies
Positive Technologies
added 2021/03/26 12:0 a.m.5 views

PT-2024-11108 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: The issue is related to the f2fs file system in the Linux kernel. In CP disabling mode, there are two issues when using LFS or SSR | AT SSR mode to select a victim. The first issue is...

7.1CVSS6.7AI score0.00236EPSS
Exploits0References20
Gentoo Linux
Gentoo Linux
added 2021/01/26 12:0 a.m.108 views

f2fs-tools: Multiple vulnerabilities

Background Tools for Flash-Friendly File System F2FS. Description Multiple vulnerabilities have been discovered in f2fs-tools. Please review the CVE identifiers referenced below for details. Impact Please review the referenced CVE identifiers for details. Workaround There is no known workaround a...

8.2CVSS2.7AI score0.02121EPSS
Exploits5
OSV
OSV
added 2020/10/15 3:15 p.m.1 views

UBUNTU-CVE-2020-6104

An exploitable information disclosure vulnerability exists in the getdnodeofdata functionality of F2fs-Tools F2fs.Fsck 1.13. A specially crafted f2fs filesystem can cause information disclosure resulting in a information disclosure. An attacker can provide a malicious file to trigger this...

5.5CVSS6.1AI score0.0149EPSS
Exploits1References3
Talos Blog
Talos Blog
added 2020/10/15 8:8 a.m.34 views

Vulnerability Spotlight: Code execution, information disclosure vulnerabilities in F2FS toolset

Vulnerabilities discovered by a Cisco Talos researcher. Blog by Jon Munshaw. Cisco Talos recently discovered multiple code execution and information disclosure vulnerabilities in various functions of the F2FS toolset. F2FS is a filesystem toolset commonly found in embedded devices that creates,...

1.7AI score
Exploits0
Talos
Talos
added 2020/10/14 12:0 a.m.39 views

F2fs-Tools F2fs.Fsck filesystem checking Information Disclosure Vulnerability

Summary An exploitable information disclosure vulnerability exists in the getdnodeofdata functionality of F2fs-Tools F2fs.Fsck 1.13. A specially crafted f2fs filesystem can cause information disclosure resulting in a information disclosure. An attacker can provide a malicious file to trigger this...

5.5CVSS5.3AI score0.0149EPSS
Exploits1
Talos
Talos
added 2020/04/09 12:0 a.m.31 views

F2fs-tools fsck.f2fs sanity_check_area_boundary code execution vulnerability

Summary An exploitable code execution vulnerability exists in the file system checking functionality of fsck.f2fs 1.12.0. A specially crafted f2fs file can cause a logic flaw and out-of-bounds heap operations, resulting in code execution. An attacker can provide a malicious file to trigger this...

7.8CVSS7.3AI score0.0173EPSS
Exploits1
Positive Technologies
Positive Technologies
added 2019/09/06 12:0 a.m.3 views

PT-2019-19662 · Google +1 · Android Kernel +1

Name of the Vulnerable Software and Affected Versions: Android kernel affected versions not specified Description: The issue is related to a possible out of bounds read in the F2FS touch driver of the Android kernel due to improper input validation. This could lead to local information disclosure...

7.8CVSS6.1AI score0.04433EPSS
Exploits0References31
Tenable Nessus
Tenable Nessus
added 2017/11/01 12:0 a.m.82 views

Ubuntu 16.04 LTS : Linux kernel (HWE) vulnerabilities (USN-3468-2)

The remote Ubuntu 16.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-3468-2 advisory. USN-3468-1 fixed vulnerabilities in the Linux kernel for Ubuntu 17.04. This update provides the corresponding updates for the Linux Hardware Enablement H...

7.8CVSS7.1AI score0.03631EPSS
Exploits8References6
Tenable Nessus
Tenable Nessus
added 2017/11/01 12:0 a.m.49 views

Ubuntu 16.04 LTS : Linux kernel (GCP) vulnerabilities (USN-3468-3)

The remote Ubuntu 16.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-3468-3 advisory. It was discovered that the KVM subsystem in the Linux kernel did not properly bound guest IRQs. A local attacker in a guest VM could use this to cause a...

7.8CVSS7.1AI score0.03631EPSS
Exploits8References6
Tenable Nessus
Tenable Nessus
added 2017/11/01 12:0 a.m.43 views

Ubuntu 17.04 : linux, linux-raspi2 vulnerabilities (USN-3468-1)

It was discovered that the KVM subsystem in the Linux kernel did not properly bound guest IRQs. A local attacker in a guest VM could use this to cause a denial of service host system crash. CVE-2017-1000252 It was discovered that the Flash-Friendly File System f2fs implementation in the Linux...

7.8CVSS6.9AI score0.03631EPSS
Exploits8References6
Tenable Nessus
Tenable Nessus
added 2017/11/01 12:0 a.m.45 views

Ubuntu 14.04 LTS : Linux kernel vulnerabilities (USN-3470-1)

The remote Ubuntu 14.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-3470-1 advisory. Qian Zhang discovered a heap-based buffer overflow in the tipcmsgbuild function in the Linux kernel. A local attacker could use to cause a denial of...

7.8CVSS7.3AI score0.13378EPSS
Exploits11References8
OpenVAS
OpenVAS
added 2017/11/01 12:0 a.m.34 views

Ubuntu: Security Advisory (USN-3470-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.8CVSS7.2AI score0.13378EPSS
Exploits11References2
OpenVAS
OpenVAS
added 2017/11/01 12:0 a.m.57 views

Ubuntu: Security Advisory (USN-3468-3)

The remote host is missing an update for the SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.8CVSS7.4AI score0.03631EPSS
Exploits8References2
OpenVAS
OpenVAS
added 2017/11/01 12:0 a.m.38 views

Ubuntu: Security Advisory (USN-3468-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.8CVSS7.4AI score0.03631EPSS
Exploits8References2
Ubuntu
Ubuntu
added 2017/10/31 6:29 p.m.98 views

USN-3470-2: Linux kernel (Trusty HWE) vulnerabilities

USN-3470-1 fixed vulnerabilities in the Linux kernel for Ubuntu 14.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement HWE kernel from Ubuntu 14.04 LTS for Ubuntu 12.04 ESM. Qian Zhang discovered a heap-based buffer overflow in the tipcmsgbuild function in the...

7.8CVSS7.3AI score0.13378EPSS
Exploits11
Ubuntu
Ubuntu
added 2017/10/31 10:13 a.m.71 views

USN-3470-1: Linux kernel vulnerabilities

Qian Zhang discovered a heap-based buffer overflow in the tipcmsgbuild function in the Linux kernel. A local attacker could use to cause a denial of service system crash or possibly execute arbitrary code with administrative privileges. CVE-2016-8632 Dmitry Vyukov discovered that a race condition...

7.8CVSS7.3AI score0.13378EPSS
Exploits11
Tenable Nessus
Tenable Nessus
added 2017/09/19 12:0 a.m.75 views

Ubuntu 14.04 LTS : Linux kernel (Xenial HWE) vulnerabilities (USN-3420-2)

The remote Ubuntu 14.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-3420-2 advisory. USN-3420-1 fixed vulnerabilities in the Linux kernel for Ubuntu 16.04 LTS. This update provides the corresponding updates for the Linux Hardware Enableme...

10CVSS7.9AI score0.16181EPSS
Exploits12References5
Tenable Nessus
Tenable Nessus
added 2017/09/19 12:0 a.m.83 views

Ubuntu 16.04 LTS : Linux kernel vulnerabilities (USN-3420-1)

The remote Ubuntu 16.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-3420-1 advisory. It was discovered that a buffer overflow existed in the Bluetooth stack of the Linux kernel when handling L2CAP configuration responses. A physically...

10CVSS7.9AI score0.16181EPSS
Exploits12References5
OpenVAS
OpenVAS
added 2017/09/19 12:0 a.m.49 views

Ubuntu: Security Advisory (USN-3420-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

10CVSS8.1AI score0.16181EPSS
Exploits12References2
Rows per page
Query Builder