Lucene search
K
F2fs-tools ProjectF2fs-tools

6 matches found

CVE
CVE
added 2020/10/15 2:48 p.m.81 views

CVE-2020-6106

Summary: CVE-2020-6106 is an exploitable information-disclosure vulnerability in the init_node_manager path of F2fs-Tools F2fs.Fsck (versions 1.12 and 1.13). A specially crafted filesystem can cause leakage when a malicious file is processed. The initial description and connected advisories confi...

5.5CVSS5.2AI score0.01514EPSS
CVE
CVE
added 2020/10/15 2:48 p.m.79 views

CVE-2020-6105

CVE-2020-6105 affects F2fs-Tools F2fs.Fsck 1.13. The vulnerability resides in the multiple devices functionality, where a specially crafted f2fs filesystem can trigger information overwrite leading to code execution. An attacker can provide a malicious file to trigger the vulnerability. Affected ...

8.2CVSS7.7AI score0.02097EPSS
CVE
CVE
added 2020/10/15 2:45 p.m.76 views

CVE-2020-6107

CVE-2020-6107 affects F2fs-tools F2fs.Fsck 1.13. The vulnerability is in the dev_read functionality of F2fs.Fsck, where a specially crafted f2fs filesystem can trigger an uninitialized read, leading to information disclosure. Attacker-controlled input (a malicious file) is sufficient to trigger t...

5.5CVSS5AI score0.01514EPSS
CVE
CVE
added 2020/08/10 1:13 p.m.75 views

CVE-2020-6070

CVE-2020-6070 describes an exploitable code execution vulnerability in the file system checking component fsck.f2fs 1.12.0. A specially crafted f2fs file can trigger a logic flaw and out-of-bounds heap operations, leading to code execution. Several connected advisories confirm the same root cause...

7.8CVSS7.6AI score0.0173EPSS
CVE
CVE
added 2020/10/15 2:45 p.m.72 views

CVE-2020-6108

CVE-2020-6108 affects F2fs-Tools F2fs.Fsck 1.13. The vulnerability is a heap buffer overflow in fsck_chk_orphan_node that can lead to code execution when a crafted f2fs filesystem is processed. Exploitation details are provided across multiple sources; the advisory literature notes the impact as ...

8.2CVSS7.9AI score0.02213EPSS
CVE
CVE
added 2020/10/15 2:47 p.m.69 views

CVE-2020-6104

CVE-2020-6104 affects F2fs-Tools F2fs.Fsck 1.13, where get_dnode_of_data can disclose information via a specially crafted f2fs filesystem. The linked documents confirm the vulnerability is an information disclosure issue; no exploit details are provided. Mitigation appears in Gentoo GLSA 202101-2...

5.5CVSS5.1AI score0.01508EPSS