mirror of
https://github.com/fkie-cad/nvd-json-data-feeds.git
synced 2025-05-29 01:31:20 +00:00
36 lines
1.7 KiB
JSON
36 lines
1.7 KiB
JSON
{
|
|
"id": "CVE-2023-49298",
|
|
"sourceIdentifier": "cve@mitre.org",
|
|
"published": "2023-11-24T19:15:07.587",
|
|
"lastModified": "2023-11-24T19:15:07.587",
|
|
"vulnStatus": "Received",
|
|
"descriptions": [
|
|
{
|
|
"lang": "en",
|
|
"value": "OpenZFS through 2.1.13 and 2.2.x through 2.2.1, in certain scenarios involving applications that try to rely on efficient copying of file data, can replace file contents with zero-valued bytes and thus potentially disable security mechanisms. NOTE: this issue is not always security related, but can be security related in realistic situations. A possible example is cp, from a recent GNU Core Utilities (coreutils) version, when attempting to preserve a rule set for denying unauthorized access. (One might use cp when configuring access control, such as with the /etc/hosts.deny file specified in the IBM Support reference.) NOTE: this issue occurs less often in version 2.2.1, and in versions before 2.1.4, because of the default configuration in those versions."
|
|
}
|
|
],
|
|
"metrics": {},
|
|
"references": [
|
|
{
|
|
"url": "https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=275308",
|
|
"source": "cve@mitre.org"
|
|
},
|
|
{
|
|
"url": "https://github.com/openzfs/zfs/issues/15526",
|
|
"source": "cve@mitre.org"
|
|
},
|
|
{
|
|
"url": "https://github.com/openzfs/zfs/pull/15571",
|
|
"source": "cve@mitre.org"
|
|
},
|
|
{
|
|
"url": "https://news.ycombinator.com/item?id=38405731",
|
|
"source": "cve@mitre.org"
|
|
},
|
|
{
|
|
"url": "https://web.archive.org/web/20231124172959/https://www.ibm.com/support/pages/how-remove-missing%C2%A0newline%C2%A0or%C2%A0line%C2%A0too%C2%A0long-error-etchostsallow%C2%A0and%C2%A0etchostsdeny-files",
|
|
"source": "cve@mitre.org"
|
|
}
|
|
]
|
|
} |