Описание
An exploitable code execution vulnerability exists in the multiple devices functionality of F2fs-Tools F2fs.Fsck 1.13. A specially crafted f2fs filesystem can cause Information overwrite resulting in a code execution. An attacker can provide a malicious file to trigger this vulnerability.
Ссылки
- Third Party Advisory
- ExploitTechnical DescriptionThird Party Advisory
- Third Party Advisory
- ExploitTechnical DescriptionThird Party Advisory
Уязвимые конфигурации
EPSS
8.2 High
CVSS3
7.8 High
CVSS3
6.8 Medium
CVSS2
Дефекты
Связанные уязвимости
An exploitable code execution vulnerability exists in the multiple devices functionality of F2fs-Tools F2fs.Fsck 1.13. A specially crafted f2fs filesystem can cause Information overwrite resulting in a code execution. An attacker can provide a malicious file to trigger this vulnerability.
An exploitable code execution vulnerability exists in the multiple dev ...
An exploitable code execution vulnerability exists in the multiple devices functionality of F2fs-Tools F2fs.Fsck 1.13. A specially crafted f2fs filesystem can cause Information overwrite resulting in a code execution. An attacker can provide a malicious file to trigger this vulnerability.
Уязвимость утилиты F2fs-Tools, связанная с некорректным внешним управлением именем или путем файла, позволяющая нарушителю удалять произвольные файлы
EPSS
8.2 High
CVSS3
7.8 High
CVSS3
6.8 Medium
CVSS2