CVE-2020-6107

Summary

An exploitable information disclosure vulnerability exists in the dev_read functionality of F2fs-Tools F2fs.Fsck 1.13. A specially crafted f2fs filesystem can cause an uninitialized read resulting in an information disclosure. An attacker can provide a malicious file to trigger this vulnerability.

Affected Software

VendorProductVersion RangeStatus
n/aF2fs-ToolsF2fs-Tools F2fs.Fsck 1.13affected

Weaknesses

  • CWE-253: CWE-253: Incorrect Check of Function Return Value

ADP Enrichment

CVE Program Container

Additional References

References