CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
EPSS
Percentile
27.7%
On an msdosfs filesystem, the ‘truncate’ or ‘ftruncate’ system calls under certain circumstances populate the additional space in the file with unallocated data from the underlying disk device, rather than zero bytes.
This may permit a user with write access to files on a msdosfs filesystem to read unintended data (e.g. from a previously deleted file).
Vendor | Product | Version | CPE |
---|---|---|---|
freebsd | freebsd | * | cpe:2.3:o:freebsd:freebsd:*:*:*:*:*:*:*:* |
freebsd | freebsd | 12.4 | cpe:2.3:o:freebsd:freebsd:12.4:-:*:*:*:*:*:* |
freebsd | freebsd | 12.4 | cpe:2.3:o:freebsd:freebsd:12.4:p1:*:*:*:*:*:* |
freebsd | freebsd | 12.4 | cpe:2.3:o:freebsd:freebsd:12.4:p2:*:*:*:*:*:* |
freebsd | freebsd | 12.4 | cpe:2.3:o:freebsd:freebsd:12.4:p3:*:*:*:*:*:* |
freebsd | freebsd | 12.4 | cpe:2.3:o:freebsd:freebsd:12.4:p4:*:*:*:*:*:* |
freebsd | freebsd | 12.4 | cpe:2.3:o:freebsd:freebsd:12.4:p5:*:*:*:*:*:* |
freebsd | freebsd | 13.2 | cpe:2.3:o:freebsd:freebsd:13.2:-:*:*:*:*:*:* |
freebsd | freebsd | 13.2 | cpe:2.3:o:freebsd:freebsd:13.2:p1:*:*:*:*:*:* |
freebsd | freebsd | 13.2 | cpe:2.3:o:freebsd:freebsd:13.2:p2:*:*:*:*:*:* |