FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The VUXML data was last processed by FreshPorts on 2024-05-09 08:42:40 UTC

List all Vulnerabilities, by package

List all Vulnerabilities, by date

k68

These are the vulnerabilities relating to the commit you have selected:

VuXML ID	Description
e261e71c-6250-11ee-8e38-002590c1f29c	FreeBSD -- copy_file_range insufficient capability rights check Problem Description: The syscall checked only for the CAP_READ and CAP_WRITE capabilities on the input and output file descriptors, respectively. Using an offset is logically equivalent to seeking, and the syscall must additionally require the CAP_SEEK capability. Impact: A sandboxed process with only read or write but no seek capability on a file descriptor may be able to read data from or write data to an arbitrary location within the file corresponding to that file descriptor. Discovery 2023-10-03 Entry 2023-10-04 FreeBSD-kernel ge 13.2 lt 13.2_4 CVE-2023-5369 SA-23:13.capsicum

VuXML ID

Description

e261e71c-6250-11ee-8e38-002590c1f29c

FreeBSD -- copy_file_range insufficient capability rights check

Problem Description:

The syscall checked only for the CAP_READ and CAP_WRITE capabilities on the input and output file descriptors, respectively. Using an offset is logically equivalent to seeking, and the syscall must additionally require the CAP_SEEK capability.

Impact:

A sandboxed process with only read or write but no seek capability on a file descriptor may be able to read data from or write data to an arbitrary location within the file corresponding to that file descriptor.

Discovery 2023-10-03
Entry 2023-10-04
FreeBSD-kernel

ge 13.2 lt 13.2_4

CVE-2023-5369
SA-23:13.capsicum