CVE-2023-5368

🗓️ 04 Oct 2023 03:38:09Reported by freebsdType

On msdosfs filesystem, 'truncate' or 'ftruncate' system calls may expose unallocated data from underlying disk

Reporter	Title	Published	Views	Family All 10
CNNVD	FreeBSD Security Vulnerabilities	4 Oct 202300:00	–	cnnvd
Cvelist	CVE-2023-5368 msdosfs data disclosure	4 Oct 202303:38	–	cvelist
EUVD	EUVD-2023-57684	3 Oct 202520:07	–	euvd
FreeBSD	FreeBSD -- msdosfs data disclosure	3 Oct 202300:00	–	freebsd
FreeBSD Advisory	FreeBSD-SA-23:12.msdosfs	3 Oct 202300:00	–	freebsd_advisory
Tenable Nessus	FreeBSD : FreeBSD -- msdosfs data disclosure (fefcd340-624f-11ee-8e38-002590c1f29c)	4 Oct 202300:00	–	nessus
NVD	CVE-2023-5368	4 Oct 202304:15	–	nvd
Prion	Design/Logic Flaw	4 Oct 202304:15	–	prion
Positive Technologies	PT-2023-32071 · Msdosfs +1 · Msdosfs +1	3 Oct 202300:00	–	ptsecurity
RedhatCVE	CVE-2023-5368	23 May 202505:07	–	redhatcve

NVD

Node

freebsd freebsdRange<12.4

freebsd freebsdRange13.0–13.2

freebsd freebsdMatch12.4-

freebsd freebsdMatch12.4p1

freebsd freebsdMatch12.4p2

freebsd freebsdMatch12.4p3

freebsd freebsdMatch12.4p4

freebsd freebsdMatch12.4p5

freebsd freebsdMatch13.2-

freebsd freebsdMatch13.2p1

freebsd freebsdMatch13.2p2

freebsd freebsdMatch13.2p3

[
  {
    "defaultStatus": "unknown",
    "modules": [
      "msdosfs"
    ],
    "product": "FreeBSD",
    "vendor": "FreeBSD",
    "versions": [
      {
        "lessThan": "p4",
        "status": "affected",
        "version": "13.2-RELEASE",
        "versionType": "release"
      },
      {
        "lessThan": "p6",
        "status": "affected",
        "version": "12.4-RELEASE",
        "versionType": "release"
      }
    ]
  }
]

Source	Link
security	www.security.freebsd.org/advisories/FreeBSD-SA-23:12.msdosfs.asc
security	www.security.netapp.com/advisory/ntap-20231124-0004/
dfir	www.dfir.ru/2023/11/01/bringing-unallocated-data-back-the-fat12-16-32-case/

21 Nov 2024 08:41Current

6.3Medium risk

Vulners AI Score6.3

CVSS 3.16.5

EPSS0.00134

CWE-1188