CVE-2020-6108

Summary

An exploitable code execution vulnerability exists in the fsck_chk_orphan_node functionality of F2fs-Tools F2fs.Fsck 1.13. A specially crafted f2fs filesystem can cause a heap buffer overflow resulting in a code execution. An attacker can provide a malicious file to trigger this vulnerability.

Affected Software

VendorProductVersion RangeStatus
n/aF2fs-ToolsF2fs-Tools F2fs.Fsck 1.13affected

Weaknesses

  • CWE-131: CWE-131: Incorrect Calculation of Buffer Size

ADP Enrichment

CVE Program Container

Additional References

References