6 matches found
CVE-2020-6106
Summary: CVE-2020-6106 is an exploitable information-disclosure vulnerability in the init_node_manager path of F2fs-Tools F2fs.Fsck (versions 1.12 and 1.13). A specially crafted filesystem can cause leakage when a malicious file is processed. The initial description and connected advisories confi...
CVE-2020-6105
CVE-2020-6105 affects F2fs-Tools F2fs.Fsck 1.13. The vulnerability resides in the multiple devices functionality, where a specially crafted f2fs filesystem can trigger information overwrite leading to code execution. An attacker can provide a malicious file to trigger the vulnerability. Affected ...
CVE-2020-6107
CVE-2020-6107 affects F2fs-tools F2fs.Fsck 1.13. The vulnerability is in the dev_read functionality of F2fs.Fsck, where a specially crafted f2fs filesystem can trigger an uninitialized read, leading to information disclosure. Attacker-controlled input (a malicious file) is sufficient to trigger t...
CVE-2020-6070
CVE-2020-6070 describes an exploitable code execution vulnerability in the file system checking component fsck.f2fs 1.12.0. A specially crafted f2fs file can trigger a logic flaw and out-of-bounds heap operations, leading to code execution. Several connected advisories confirm the same root cause...
CVE-2020-6108
CVE-2020-6108 affects F2fs-Tools F2fs.Fsck 1.13. The vulnerability is a heap buffer overflow in fsck_chk_orphan_node that can lead to code execution when a crafted f2fs filesystem is processed. Exploitation details are provided across multiple sources; the advisory literature notes the impact as ...
CVE-2020-6104
CVE-2020-6104 affects F2fs-Tools F2fs.Fsck 1.13, where get_dnode_of_data can disclose information via a specially crafted f2fs filesystem. The linked documents confirm the vulnerability is an information disclosure issue; no exploit details are provided. Mitigation appears in Gentoo GLSA 202101-2...