CVE-2020-6106

MEDIUM

F2fs-Tools F2fs.Fsck <1.14 - Info Disclosure

Title source: llm

Description

An exploitable information disclosure vulnerability exists in the init_node_manager functionality of F2fs-Tools F2fs.Fsck 1.12 and 1.13. A specially crafted filesystem can be used to disclose information. An attacker can provide a malicious file to trigger this vulnerability.

References (2)

[Exploit, Technical Description, Third Party Advisory] https://talosintelligence.com/vulnerability_reports/TALOS-2020-1048

[Third Party Advisory] https://security.gentoo.org/glsa/202101-26

Scores

CVSS v3 5.5

EPSS 0.0029

EPSS Percentile 52.5%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N

Details

CWE

CWE-125 CWE-131

Status published

Products (1)

f2fs-tools_project/f2fs-tools < 1.14.0

Published Oct 15, 2020

Tracked Since Feb 18, 2026