汇总 f2fs-tools_project 相关全部产品的 CVE 与安全漏洞情报,包括 CVSS、EPSS、公开时间与漏洞情报数据。
常见弱点模式包括 缓冲区溢出、文件包含与内存损坏,在 软件部署与生产负载 使用场景中可能带来 应用崩溃、内存损坏与文件覆盖 等风险。
相关漏洞数据主要来源于公开漏洞披露与安全公告,可用于评估历史漏洞暴露面与修复优先级。
| CVE | 摘要 | 来源 | 最高 CVSS | EPSS % | 公开时间 | 更新时间 |
|---|---|---|---|---|---|---|
| CVE-2020-6108 | An exploitable code execution vulnerability exists in the fsck_chk_orphan_node functionality of F2fs-Tools F2fs.Fsck 1.13. A specially crafted f2fs filesystem can cause a heap buffer overflow resulting in a code execution. An attacker can provide a malicious file to trigger this vulnerability. | [email protected] | 7.8 | 2.21% | 2020-10-15 | 2026-06-16 |
| CVE-2020-6107 | An exploitable information disclosure vulnerability exists in the dev_read functionality of F2fs-Tools F2fs.Fsck 1.13. A specially crafted f2fs filesystem can cause an uninitialized read resulting in an information disclosure. An attacker can provide a malicious file to trigger this vulnerability. | [email protected] | 5.5 | 1.50% | 2020-10-15 | 2026-06-16 |
| CVE-2020-6106 | An exploitable information disclosure vulnerability exists in the init_node_manager functionality of F2fs-Tools F2fs.Fsck 1.12 and 1.13. A specially crafted filesystem can be used to disclose information. An attacker can provide a malicious file to trigger this vulnerability. | [email protected] | 5.5 | 1.50% | 2020-10-15 | 2026-06-16 |
| CVE-2020-6105 | An exploitable code execution vulnerability exists in the multiple devices functionality of F2fs-Tools F2fs.Fsck 1.13. A specially crafted f2fs filesystem can cause Information overwrite resulting in a code execution. An attacker can provide a malicious file to trigger this vulnerability. | [email protected] | 7.8 | 2.10% | 2020-10-15 | 2026-06-16 |
| CVE-2020-6104 | An exploitable information disclosure vulnerability exists in the get_dnode_of_data functionality of F2fs-Tools F2fs.Fsck 1.13. A specially crafted f2fs filesystem can cause information disclosure resulting in a information disclosure. An attacker can provide a malicious file to trigger this vulnerability. | [email protected] | 5.5 | 1.48% | 2020-10-15 | 2026-06-16 |
| CVE-2020-6070 | An exploitable code execution vulnerability exists in the file system checking functionality of fsck.f2fs 1.12.0. A specially crafted f2fs file can cause a logic flaw and out-of-bounds heap operations, resulting in code execution. An attacker can provide a malicious file to trigger this vulnerability. | [email protected] | 7.8 | 1.73% | 2020-08-10 | 2026-06-16 |