Before correction, the copy_file_range system call checked only for the CAP_READ and CAP_WRITE capabilities on the input and output file descriptors, respectively. Using an offset is logically equivalent to seeking, and the system call must additionally require the CAP_SEEK capability.
This incorrect privilege check enabled sandboxed processes with only read or write but no seek capability on a file descriptor to read data from or write data to an arbitrary location within the file corresponding to that file descriptor.
References
Configurations
History
24 Nov 2023, 09:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
10 Oct 2023, 13:36
Type | Values Removed | Values Added |
---|---|---|
First Time |
Freebsd
Freebsd freebsd |
|
CPE | cpe:2.3:o:freebsd:freebsd:13.2:-:*:*:*:*:*:* | |
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 7.1 |
CWE | CWE-273 | |
References | (MISC) https://security.FreeBSD.org/advisories/FreeBSD-SA-23:13.capsicum.asc - Vendor Advisory |
04 Oct 2023, 04:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2023-10-04 04:15
Updated : 2023-12-10 15:14
NVD link : CVE-2023-5369
Mitre link : CVE-2023-5369
CVE.ORG link : CVE-2023-5369
JSON object : View
Products Affected
freebsd
- freebsd
CWE
CWE-273
Improper Check for Dropped Privileges