Published: 10/08/2020 Updated: 07/11/2023

CVSS v2 Base Score: 6.8 | Impact Score: 6.4 | Exploitability Score: 8.6

CVSS v3 Base Score: 7.8 | Impact Score: 5.9 | Exploitability Score: 1.8

VMScore: 605

Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P

An exploitable code execution vulnerability exists in the file system checking functionality of fsck.f2fs 1.12.0. A specially crafted f2fs file can cause a logic flaw and out-of-bounds heap operations, resulting in code execution. An attacker can provide a malicious file to trigger this vulnerability.

Vulnerable Product	Search on Vulmon	Subscribe to Product
f2fs-tools project f2fs-tools 1.12.0
fedoraproject fedora 33

Debian Bug report logs - #970941 f2fs-tools: CVE-2020-6070 Package: src:f2fs-tools; Maintainer for src:f2fs-tools is Filesystems Group <filesystems-devel@listsaliothdebianorg>; Reported by: Salvatore Bonaccorso <carnil@debianorg> Date: Fri, 25 Sep 2020 20:57:01 UTC Severity: grave Tags: security, upstream Found ...

CWE-131 https://talosintelligence.com/vulnerability_reports/TALOS-2020-0988 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3SZ4HMQKNI35NBWJI6XMJBGWPEKZRR72/https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=970941 https://nvd.nist.gov

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2020-6070

Vulnerability Summary

Vulnerability Trend

Vendor Advisories

References

Vulmon Search

About

Products

Connect