61 matches found
The vulnerability of the F2fs-Tools utility, related to writing outside of the memory boundaries, allows a hacker to execute arbitrary code.
The vulnerability of the F2fs-Tools tool is related to writing beyond the memory boundaries. Exploiting this vulnerability could allow a hacker to execute arbitrary code using a specially created file system called f2fs...
PT-2024-11108 · Linux · Linux Kernel
Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: The issue is related to the f2fs file system in the Linux kernel. In CP disabling mode, there are two issues when using LFS or SSR | AT SSR mode to select a victim. The first issue is...
f2fs-tools: Multiple vulnerabilities
Background Tools for Flash-Friendly File System F2FS. Description Multiple vulnerabilities have been discovered in f2fs-tools. Please review the CVE identifiers referenced below for details. Impact Please review the referenced CVE identifiers for details. Workaround There is no known workaround a...
UBUNTU-CVE-2020-6104
An exploitable information disclosure vulnerability exists in the getdnodeofdata functionality of F2fs-Tools F2fs.Fsck 1.13. A specially crafted f2fs filesystem can cause information disclosure resulting in a information disclosure. An attacker can provide a malicious file to trigger this...
Vulnerability Spotlight: Code execution, information disclosure vulnerabilities in F2FS toolset
Vulnerabilities discovered by a Cisco Talos researcher. Blog by Jon Munshaw. Cisco Talos recently discovered multiple code execution and information disclosure vulnerabilities in various functions of the F2FS toolset. F2FS is a filesystem toolset commonly found in embedded devices that creates,...
F2fs-Tools F2fs.Fsck filesystem checking Information Disclosure Vulnerability
Summary An exploitable information disclosure vulnerability exists in the getdnodeofdata functionality of F2fs-Tools F2fs.Fsck 1.13. A specially crafted f2fs filesystem can cause information disclosure resulting in a information disclosure. An attacker can provide a malicious file to trigger this...
F2fs-tools fsck.f2fs sanity_check_area_boundary code execution vulnerability
Summary An exploitable code execution vulnerability exists in the file system checking functionality of fsck.f2fs 1.12.0. A specially crafted f2fs file can cause a logic flaw and out-of-bounds heap operations, resulting in code execution. An attacker can provide a malicious file to trigger this...
PT-2019-19662 · Google +1 · Android Kernel +1
Name of the Vulnerable Software and Affected Versions: Android kernel affected versions not specified Description: The issue is related to a possible out of bounds read in the F2FS touch driver of the Android kernel due to improper input validation. This could lead to local information disclosure...
Ubuntu 16.04 LTS : Linux kernel (HWE) vulnerabilities (USN-3468-2)
The remote Ubuntu 16.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-3468-2 advisory. USN-3468-1 fixed vulnerabilities in the Linux kernel for Ubuntu 17.04. This update provides the corresponding updates for the Linux Hardware Enablement H...
Ubuntu 16.04 LTS : Linux kernel (GCP) vulnerabilities (USN-3468-3)
The remote Ubuntu 16.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-3468-3 advisory. It was discovered that the KVM subsystem in the Linux kernel did not properly bound guest IRQs. A local attacker in a guest VM could use this to cause a...
Ubuntu 17.04 : linux, linux-raspi2 vulnerabilities (USN-3468-1)
It was discovered that the KVM subsystem in the Linux kernel did not properly bound guest IRQs. A local attacker in a guest VM could use this to cause a denial of service host system crash. CVE-2017-1000252 It was discovered that the Flash-Friendly File System f2fs implementation in the Linux...
Ubuntu 14.04 LTS : Linux kernel vulnerabilities (USN-3470-1)
The remote Ubuntu 14.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-3470-1 advisory. Qian Zhang discovered a heap-based buffer overflow in the tipcmsgbuild function in the Linux kernel. A local attacker could use to cause a denial of...
Ubuntu: Security Advisory (USN-3470-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Ubuntu: Security Advisory (USN-3468-3)
The remote host is missing an update for the SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Ubuntu: Security Advisory (USN-3468-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
USN-3470-2: Linux kernel (Trusty HWE) vulnerabilities
USN-3470-1 fixed vulnerabilities in the Linux kernel for Ubuntu 14.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement HWE kernel from Ubuntu 14.04 LTS for Ubuntu 12.04 ESM. Qian Zhang discovered a heap-based buffer overflow in the tipcmsgbuild function in the...
USN-3470-1: Linux kernel vulnerabilities
Qian Zhang discovered a heap-based buffer overflow in the tipcmsgbuild function in the Linux kernel. A local attacker could use to cause a denial of service system crash or possibly execute arbitrary code with administrative privileges. CVE-2016-8632 Dmitry Vyukov discovered that a race condition...
Ubuntu 14.04 LTS : Linux kernel (Xenial HWE) vulnerabilities (USN-3420-2)
The remote Ubuntu 14.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-3420-2 advisory. USN-3420-1 fixed vulnerabilities in the Linux kernel for Ubuntu 16.04 LTS. This update provides the corresponding updates for the Linux Hardware Enableme...
Ubuntu 16.04 LTS : Linux kernel vulnerabilities (USN-3420-1)
The remote Ubuntu 16.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-3420-1 advisory. It was discovered that a buffer overflow existed in the Bluetooth stack of the Linux kernel when handling L2CAP configuration responses. A physically...
Ubuntu: Security Advisory (USN-3420-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...