F2fs-tools Project F2fs-tools 1.12.0

CPE Details

F2fs-tools Project F2fs-tools 1.12.0
f2fs-tools_project
f2fs-tools
1.12.0
2020-08-12
19h20 +00:00
2020-08-12
19h20 +00:00
CPE NVD
Alerte pour un CPE
Stay informed of any changes for a specific CPE.
Notifications manage

CPE Name: cpe:2.3:a:f2fs-tools_project:f2fs-tools:1.12.0:*:*:*:*:*:*:*

Informations

Vendor

f2fs-tools_project

Product

f2fs-tools

Version

1.12.0

Related CVE

Open and find in CVE List

CVE ID Published Description Score Severity
CVE-2020-6106 2020-10-15 12h48 +00:00 An exploitable information disclosure vulnerability exists in the init_node_manager functionality of F2fs-Tools F2fs.Fsck 1.12 and 1.13. A specially crafted filesystem can be used to disclose information. An attacker can provide a malicious file to trigger this vulnerability.
5.5
Medium
CVE-2020-6105 2020-10-15 12h48 +00:00 An exploitable code execution vulnerability exists in the multiple devices functionality of F2fs-Tools F2fs.Fsck 1.13. A specially crafted f2fs filesystem can cause Information overwrite resulting in a code execution. An attacker can provide a malicious file to trigger this vulnerability.
7.8
High
CVE-2020-6104 2020-10-15 12h47 +00:00 An exploitable information disclosure vulnerability exists in the get_dnode_of_data functionality of F2fs-Tools F2fs.Fsck 1.13. A specially crafted f2fs filesystem can cause information disclosure resulting in a information disclosure. An attacker can provide a malicious file to trigger this vulnerability.
5.5
Medium
CVE-2020-6108 2020-10-15 12h45 +00:00 An exploitable code execution vulnerability exists in the fsck_chk_orphan_node functionality of F2fs-Tools F2fs.Fsck 1.13. A specially crafted f2fs filesystem can cause a heap buffer overflow resulting in a code execution. An attacker can provide a malicious file to trigger this vulnerability.
7.8
High
CVE-2020-6107 2020-10-15 12h45 +00:00 An exploitable information disclosure vulnerability exists in the dev_read functionality of F2fs-Tools F2fs.Fsck 1.13. A specially crafted f2fs filesystem can cause an uninitialized read resulting in an information disclosure. An attacker can provide a malicious file to trigger this vulnerability.
5.5
Medium
CVE-2020-6070 2020-08-10 11h13 +00:00 An exploitable code execution vulnerability exists in the file system checking functionality of fsck.f2fs 1.12.0. A specially crafted f2fs file can cause a logic flaw and out-of-bounds heap operations, resulting in code execution. An attacker can provide a malicious file to trigger this vulnerability.
7.8
High
The information presented on CVE Find originates from several carefully selected reference sources. CVE data is provided by MITRE Corporation and the National Vulnerability Database (NVD). The Known Exploited Vulnerabilities (KEV) catalog is sourced from the Cybersecurity and Infrastructure Security Agency (CISA), while EPSS scores come from FIRST.org. Additionally, data regarding software weaknesses (CWE) and common attack patterns (CAPEC) is maintained by MITRE Corporation, and information on hardware and software configurations (CPE) is provided by the NVD.