MGASA-2020-0436 - Updated f2fs-tools packages fix security vulnerability

Publication date: 23 Nov 2020
Type: security
Affected Mageia releases: 7
CVE: CVE-2020-6070

An exploitable code execution vulnerability exists in the file system checking
functionality of fsck.f2fs 1.12.0. A specially crafted f2fs file can cause a
logic flaw and out-of-bounds heap operations, resulting in code execution. An
attacker can provide a malicious file to trigger this vulnerability

-[email protected]/thread/3SZ4HMQKNI35NBWJI6XMJBGWPEKZRR72/

- 7/core/f2fs-tools-1.14.0-1.mga7