CVE-2020-6070

An exploitable code execution vulnerability exists in the file system checking functionality of fsck.f2fs 1.12.0. A specially crafted f2fs file can cause a logic flaw and out-of-bounds heap operations, resulting in code execution. An attacker can provide a malicious file to trigger this vulnerability.
Configurations

Configuration 1

cpe:2.3:a:f2fs-tools_project:f2fs-tools:1.12.0:*:*:*:*:*:*:*
cpe:2.3:o:fedoraproject:fedora:33:*:*:*:*:*:*:*

Information

Published : 2020-08-10 02:15

Updated : 2022-06-07 04:51


NVD link : CVE-2020-6070

Mitre link : CVE-2020-6070

Products Affected
No products.
CWE
CWE-131

Incorrect Calculation of Buffer Size