Lucene search
K

5 matches found

CVE
CVE
added 2023/10/04 3:48 a.m.89 views

CVE-2023-5369

CVE-2023-5369 concerns copy_file_range with an incomplete privilege check. Connected FreeBSD advisories confirm the issue: the syscall validated only CAP_READ and CAP_WRITE; CAP_SEEK is also required for offset-based access. The flaw enables a sandboxed process with read or write capabilities but...

7.1CVSS6.9AI score0.00185EPSS
Exploits0References2Affected Software1
Vulnrichment
Vulnrichment
added 2023/10/04 3:48 a.m.14 views

CVE-2023-5369 copy_file_range insufficient capability rights check

Before correction, the copyfilerange system call checked only for the CAPREAD and CAPWRITE capabilities on the input and output file descriptors, respectively. Using an offset is logically equivalent to seeking, and the system call must additionally require the CAPSEEK capability. This incorrect...

6.9AI score0.00185EPSS
Exploits0References2
Cvelist
Cvelist
added 2023/10/04 3:48 a.m.36 views

CVE-2023-5369 copy_file_range insufficient capability rights check

Before correction, the copyfilerange system call checked only for the CAPREAD and CAPWRITE capabilities on the input and output file descriptors, respectively. Using an offset is logically equivalent to seeking, and the system call must additionally require the CAPSEEK capability. This incorrect...

7.1AI score0.00185EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2023/10/04 12:0 a.m.25 views

FreeBSD : FreeBSD -- copy_file_range insufficient capability rights check (e261e71c-6250-11ee-8e38-002590c1f29c)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the e261e71c-6250-11ee-8e38-002590c1f29c advisory. - Before correction, the copyfilerange system call checked only for the CAPREAD and CAPWRITE capabiliti...

7.1CVSS7.2AI score0.00185EPSS
Exploits0References2
FreeBSD Advisory
FreeBSD Advisory
added 2023/10/03 12:0 a.m.18 views

FreeBSD-SA-23:13.capsicum

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 ============================================================================= FreeBSD-SA-23:13.capsicum Security Advisory The FreeBSD Project Topic: copyfilerange insufficient capability rights check Category: core Module: capsicum Announced:...

7.1CVSS7.2AI score0.00185EPSS
Exploits0
Rows per page
Query Builder