CVE-2025-0374

When etcupdate encounters conflicts while merging files, it saves a version containing conflict markers in /var/db/etcupdate/conflicts. This version does not preserve the mode of the input file, and is world-readable. This applies to files that would normally have restricted visibility, such as...

PT-2025-3859 · Etcupdate +1 · Etcupdate +1

Name of the Vulnerable Software and Affected Versions: etcupdate affected versions not specified Description: When etcupdate encounters conflicts while merging files, it saves a version containing conflict markers in /var/db/etcupdate/conflicts. This version does not preserve the mode of the inpu...

FreeBSD-SA-25:03.etcupdate

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 ============================================================================= FreeBSD-SA-25:03.etcupdate Security Advisory The FreeBSD Project Topic: Unprivileged access to system files Category: core Module: etcupdate Announced: 2025-01-29 Credits:...

FreeBSD -- Unprivileged access to system files

Problem Description: When etcupdate encounters conflicts while merging files, it saves a version containing conflict markers in /var/db/etcupdate/conflicts. This version does not preserve the mode of the input file, and is world-readable. This applies to files that would normally have restricted...