FreeBSDFEFCD340-624F-11EE-8E38-002590C1F29CFreeBSD -- msdosfs data disclosure
6.5 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
0.001 Low
EPSS
Percentile
24.8%
Problem Description:
In certain cases using the truncate or ftruncate system call
to extend a file size populates the additional space in the file
with unallocated data from the underlying disk device, rather than
zero bytes.
Impact:
A user with write access to files on a msdosfs file system may
be able to read unintended data (for example, from a previously
deleted file).
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| FreeBSD | any | noarch | freebsd-kernel | = 13.2 | UNKNOWN |
| FreeBSD | any | noarch | freebsd-kernel | < 13.2_4 | UNKNOWN |
Related
6.5 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
0.001 Low
EPSS
Percentile
24.8%