Lucene search
HistorySep 23, 2013 - 8:55 p.m.
CVE-2013-5710
cve-2013-5710
nullfs
access restrictions
hardlink
freebsd
kernel
nvd
6 Medium
AI Score
Confidence
Low
3.7 Low
CVSS2
Access Vector
Access Complexity
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:L/AC:H/Au:N/C:P/I:P/A:P
0.0004 Low
EPSS
Percentile
5.1%
The nullfs implementation in sys/fs/nullfs/null_vnops.c in the kernel in FreeBSD 8.3 through 9.2 allows local users with certain permissions to bypass access restrictions via a hardlink in a nullfs instance to a file in a different instance.
Affected configurations
Node
freebsdfreebsdMatch8.0
ORfreebsdfreebsdMatch8.3
ORfreebsdfreebsdMatch8.4
ORfreebsdfreebsdMatch9.0
ORfreebsdfreebsdMatch9.1
ORfreebsdfreebsdMatch9.2
Related
freebsd
freebsd
FreeBSD -- Cross-mount links between nullfs(5) mounts
2013-09-10 00:00:00
cvelist
cvelist
CVE-2013-5710
2013-09-23 20:00:00
prion
prion
Design/Logic Flaw
2013-09-23 20:55:00
securityvulns
securityvulns
FreeBSD Security Advisory FreeBSD-SA-13:13.nullfs
2013-09-11 00:00:00
FreeBSD multiple security vulnerabilities
2013-09-11 00:00:00
freebsd_advisory
freebsd_advisory
FreeBSD-SA-13:13.nullfs
2013-09-10 00:00:00
nvd
nvd
CVE-2013-5710
2013-09-23 20:55:07
nessus
nessus
debian
debian
[SECURITY] [DSA-2769-1] kfreebsd-9 security update
2013-10-08 14:20:48
[SECURITY] [DSA-2769-1] kfreebsd-9 security update
2013-10-08 14:20:48
openvas
openvas
Debian Security Advisory DSA 2769-1 (kfreebsd-9 - privilege escalation/denial of service)
2013-10-08 00:00:00
Debian: Security Advisory (DSA-2769-1)
2013-10-07 00:00:00
osv
osv
kfreebsd-9 - several
2013-10-08 00:00:00
6 Medium
AI Score
Confidence
Low
3.7 Low
CVSS2
Access Vector
Access Complexity
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:L/AC:H/Au:N/C:P/I:P/A:P
0.0004 Low
EPSS
Percentile
5.1%
Related for CVE-2013-5710