F2fs-tools Project F2fs-tools 1.13.0

CPE Details

F2fs-tools Project F2fs-tools 1.13.0
f2fs-tools_project
f2fs-tools
1.13.0
2020-12-02
16h26 +00:00
2020-12-02
16h26 +00:00
CPE NVD
Alerte pour un CPE
Restez informé de toutes modifications pour un CPE spécifique.
Gestion des notifications

CPE Name: cpe:2.3:a:f2fs-tools_project:f2fs-tools:1.13.0:*:*:*:*:*:*:*

Informations

Vendor

f2fs-tools_project

Product

f2fs-tools

Version

1.13.0

Related CVE

Open and find in CVE List

CVE ID Publié Description Score Gravité
CVE-2020-6106 2020-10-15 12h48 +00:00 An exploitable information disclosure vulnerability exists in the init_node_manager functionality of F2fs-Tools F2fs.Fsck 1.12 and 1.13. A specially crafted filesystem can be used to disclose information. An attacker can provide a malicious file to trigger this vulnerability.
5.5
Moyen
CVE-2020-6105 2020-10-15 12h48 +00:00 An exploitable code execution vulnerability exists in the multiple devices functionality of F2fs-Tools F2fs.Fsck 1.13. A specially crafted f2fs filesystem can cause Information overwrite resulting in a code execution. An attacker can provide a malicious file to trigger this vulnerability.
7.8
Haute
CVE-2020-6104 2020-10-15 12h47 +00:00 An exploitable information disclosure vulnerability exists in the get_dnode_of_data functionality of F2fs-Tools F2fs.Fsck 1.13. A specially crafted f2fs filesystem can cause information disclosure resulting in a information disclosure. An attacker can provide a malicious file to trigger this vulnerability.
5.5
Moyen
CVE-2020-6108 2020-10-15 12h45 +00:00 An exploitable code execution vulnerability exists in the fsck_chk_orphan_node functionality of F2fs-Tools F2fs.Fsck 1.13. A specially crafted f2fs filesystem can cause a heap buffer overflow resulting in a code execution. An attacker can provide a malicious file to trigger this vulnerability.
7.8
Haute
CVE-2020-6107 2020-10-15 12h45 +00:00 An exploitable information disclosure vulnerability exists in the dev_read functionality of F2fs-Tools F2fs.Fsck 1.13. A specially crafted f2fs filesystem can cause an uninitialized read resulting in an information disclosure. An attacker can provide a malicious file to trigger this vulnerability.
5.5
Moyen
Les informations affichées sur CVE Find proviennent de plusieurs sources de référence rigoureusement sélectionnées. Les données CVE sont fournies par MITRE Corporation et la National Vulnerability Database (NVD). Le catalogue des vulnérabilités activement exploitées (KEV) provient de la Cybersecurity and Infrastructure Security Agency (CISA), tandis que les scores EPSS sont issus de FIRST.org. Enfin, les données relatives aux faiblesses logicielles (CWE) et aux schémas d'attaque courants (CAPEC) sont maintenues par MITRE Corporation, et les informations sur les configurations logicielles et matérielles (CPE) proviennent du NVD.