copy_file_range insufficient capability rights check
CVE-2023-5369

7.1HIGH

Key Information:

Vendor: FreeBSD
Status: FreeBSD
Vendor: CVE Published:; 4 October 2023

What is CVE-2023-5369?

A vulnerability in FreeBSD's copy_file_range system call allows sandboxed processes lacking the required CAP_SEEK capability to bypass restrictions. This improper privilege check enables potential unauthorized reading or writing of data at arbitrary locations in the associated file descriptor, compromising the intended security safeguards. Users are advised to apply patches available from FreeBSD's advisory to mitigate risks associated with this issue.

Affected Version(s)

FreeBSD 13.2-RELEASE

References

https://security.FreeBSD.org/advisories/FreeBSD-SA-23:13....

vendor-advisory

https://security.netapp.com/advisory/ntap-20231124-0009/

CVSS V3.1

Score:

7.1

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Oct 4, 2023
Vulnerability Reserved
Oct 3, 2023

Credit

David Chisnall