5 matches found
CVE-2023-5369
CVE-2023-5369 concerns copy_file_range with an incomplete privilege check. Connected FreeBSD advisories confirm the issue: the syscall validated only CAP_READ and CAP_WRITE; CAP_SEEK is also required for offset-based access. The flaw enables a sandboxed process with read or write capabilities but...
CVE-2023-5369 copy_file_range insufficient capability rights check
Before correction, the copyfilerange system call checked only for the CAPREAD and CAPWRITE capabilities on the input and output file descriptors, respectively. Using an offset is logically equivalent to seeking, and the system call must additionally require the CAPSEEK capability. This incorrect...
CVE-2023-5369 copy_file_range insufficient capability rights check
Before correction, the copyfilerange system call checked only for the CAPREAD and CAPWRITE capabilities on the input and output file descriptors, respectively. Using an offset is logically equivalent to seeking, and the system call must additionally require the CAPSEEK capability. This incorrect...
FreeBSD : FreeBSD -- copy_file_range insufficient capability rights check (e261e71c-6250-11ee-8e38-002590c1f29c)
The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the e261e71c-6250-11ee-8e38-002590c1f29c advisory. - Before correction, the copyfilerange system call checked only for the CAPREAD and CAPWRITE capabiliti...
FreeBSD-SA-23:13.capsicum
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 ============================================================================= FreeBSD-SA-23:13.capsicum Security Advisory The FreeBSD Project Topic: copyfilerange insufficient capability rights check Category: core Module: capsicum Announced:...