Vulnerability   
Search   
    Search 187964 CVE descriptions
and 85075 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:1.3.6.1.4.1.25623.1.0.878375
Category:Fedora Local Security Checks
Title:Fedora: Security Advisory for f2fs-tools (FEDORA-2020-a0b24e9377)
Summary:The remote host is missing an update for the 'f2fs-tools'; package(s) announced via the FEDORA-2020-a0b24e9377 advisory.
Description:Summary:
The remote host is missing an update for the 'f2fs-tools'
package(s) announced via the FEDORA-2020-a0b24e9377 advisory.

Vulnerability Insight:
NAND flash memory-based storage devices, such as SSD, and SD cards,
have been widely being used for ranging from mobile to server systems.
Since they are known to have different characteristics from the
conventional rotational disks, a file system, an upper layer to
the storage device, should adapt to the changes
from the sketch.

F2FS is a new file system carefully designed for the
NAND flash memory-based storage devices.
We chose a log structure file system approach,
but we tried to adapt it to the new form of storage.
Also we remedy some known issues of the very old log
structured file system, such as snowball effect
of wandering tree and high cleaning overhead.

Because a NAND-based storage device shows different characteristics
according to its internal geometry or flash memory management
scheme aka FTL, we add various parameters not only for configuring
on-disk layout, but also for selecting allocation
and cleaning algorithms.

Affected Software/OS:
'f2fs-tools' package(s) on Fedora 33.

Solution:
Please install the updated package(s).

CVSS Score:
6.8

CVSS Vector:
AV:N/AC:M/Au:N/C:P/I:P/A:P

Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2020-6070
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3SZ4HMQKNI35NBWJI6XMJBGWPEKZRR72/
https://talosintelligence.com/vulnerability_reports/TALOS-2020-0988
CopyrightCopyright (C) 2020 Greenbone Networks GmbH

This is only one of 85075 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.




© 1998-2020 E-Soft Inc. All rights reserved.