Staging Environment: Content and features may be unstable or change without notice.
Search for packages
Package details: pkg:deb/debian/f2fs-tools@1.4.0-2
purl pkg:deb/debian/f2fs-tools@1.4.0-2
Next non-vulnerable version 1.14.0-2
Latest non-vulnerable version 1.14.0-2
Risk
Vulnerabilities affecting this package (6)
Vulnerability Summary Fixed by
VCID-3wun-wfgk-jbe2
Aliases:
CVE-2020-6105
An exploitable code execution vulnerability exists in the multiple devices functionality of F2fs-Tools F2fs.Fsck 1.13. A specially crafted f2fs filesystem can cause Information overwrite resulting in a code execution. An attacker can provide a malicious file to trigger this vulnerability.
1.14.0-2
Affected by 0 other vulnerabilities.
VCID-888j-mx8j-rudb
Aliases:
CVE-2020-6070
An exploitable code execution vulnerability exists in the file system checking functionality of fsck.f2fs 1.12.0. A specially crafted f2fs file can cause a logic flaw and out-of-bounds heap operations, resulting in code execution. An attacker can provide a malicious file to trigger this vulnerability.
1.14.0-2
Affected by 0 other vulnerabilities.
VCID-gtx4-gqmz-p3bz
Aliases:
CVE-2020-6104
An exploitable information disclosure vulnerability exists in the get_dnode_of_data functionality of F2fs-Tools F2fs.Fsck 1.13. A specially crafted f2fs filesystem can cause information disclosure resulting in a information disclosure. An attacker can provide a malicious file to trigger this vulnerability.
1.14.0-2
Affected by 0 other vulnerabilities.
VCID-hae8-uxsc-uybp
Aliases:
CVE-2020-6106
An exploitable information disclosure vulnerability exists in the init_node_manager functionality of F2fs-Tools F2fs.Fsck 1.12 and 1.13. A specially crafted filesystem can be used to disclose information. An attacker can provide a malicious file to trigger this vulnerability.
1.14.0-2
Affected by 0 other vulnerabilities.
VCID-rn1x-zvg4-nfev
Aliases:
CVE-2020-6107
An exploitable information disclosure vulnerability exists in the dev_read functionality of F2fs-Tools F2fs.Fsck 1.13. A specially crafted f2fs filesystem can cause an uninitialized read resulting in an information disclosure. An attacker can provide a malicious file to trigger this vulnerability.
1.14.0-2
Affected by 0 other vulnerabilities.
VCID-un23-7e7v-6uhn
Aliases:
CVE-2020-6108
An exploitable code execution vulnerability exists in the fsck_chk_orphan_node functionality of F2fs-Tools F2fs.Fsck 1.13. A specially crafted f2fs filesystem can cause a heap buffer overflow resulting in a code execution. An attacker can provide a malicious file to trigger this vulnerability.
1.14.0-2
Affected by 0 other vulnerabilities.
Vulnerabilities fixed by this package (0)
Vulnerability Summary Aliases
This package is not known to fix vulnerabilities.

Date Actor Action Vulnerability Source VulnerableCode Version
2026-06-06T02:49:56.393413+00:00 Debian Oval Importer Affected by VCID-888j-mx8j-rudb https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.6.0
2026-06-06T01:31:49.535838+00:00 Debian Oval Importer Affected by VCID-hae8-uxsc-uybp https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.6.0
2026-06-06T01:28:51.296853+00:00 Debian Oval Importer Affected by VCID-rn1x-zvg4-nfev https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.6.0
2026-06-06T01:11:36.977341+00:00 Debian Oval Importer Affected by VCID-3wun-wfgk-jbe2 https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.6.0
2026-06-06T00:14:49.621413+00:00 Debian Oval Importer Affected by VCID-un23-7e7v-6uhn https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.6.0
2026-06-05T23:45:03.747226+00:00 Debian Oval Importer Affected by VCID-gtx4-gqmz-p3bz https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.6.0