CVE-2020-6070

An exploitable code execution vulnerability exists in the file system checking functionality of fsck.f2fs 1.12.0. A specially crafted f2fs file can cause a logic flaw and out-of-bounds heap operations, resulting in code execution. An attacker can provide a malicious file to trigger this vulnerability.
Configurations

Configuration 1 (hide)

cpe:2.3:a:f2fs-tools_project:f2fs-tools:1.12.0:*:*:*:*:*:*:*

Configuration 2 (hide)

cpe:2.3:o:fedoraproject:fedora:33:*:*:*:*:*:*:*

History

04 Jan 2022, 16:32

Type Values Removed Values Added
References (FEDORA) https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3SZ4HMQKNI35NBWJI6XMJBGWPEKZRR72/ - (FEDORA) https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3SZ4HMQKNI35NBWJI6XMJBGWPEKZRR72/ - Mailing List, Third Party Advisory
CPE cpe:2.3:o:fedoraproject:fedora:33:*:*:*:*:*:*:*

Information

Published : 2020-08-10 14:15

Updated : 2024-02-04 21:00


NVD link : CVE-2020-6070

Mitre link : CVE-2020-6070

CVE.ORG link : CVE-2020-6070


JSON object : View

Products Affected

f2fs-tools_project

  • f2fs-tools

fedoraproject

  • fedora
CWE
CWE-131

Incorrect Calculation of Buffer Size