Overview
- Description
- OpenZFS through 2.1.13 and 2.2.x through 2.2.1, in certain scenarios involving applications that try to rely on efficient copying of file data, can replace file contents with zero-valued bytes and thus potentially disable security mechanisms. NOTE: this issue is not always security related, but can be security related in realistic situations. A possible example is cp, from a recent GNU Core Utilities (coreutils) version, when attempting to preserve a rule set for denying unauthorized access. (One might use cp when configuring access control, such as with the /etc/hosts.deny file specified in the IBM Support reference.) NOTE: this issue occurs less often in version 2.2.1, and in versions before 2.1.4, because of the default configuration in those versions.
- Source
- cve@mitre.org
- NVD status
- Modified
Risk scores
CVSS 3.1
- Type
- Primary
- Base score
- 7.5
- Impact score
- 3.6
- Exploitability score
- 3.9
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
- Severity
- HIGH
Social media
- Hype score
- Not currently trending
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:openzfs:openzfs:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "FCB5B44F-BC91-4DBC-A67B-96D577834ACB",
"versionEndIncluding": "2.1.13"
},
{
"criteria": "cpe:2.3:a:openzfs:openzfs:2.2.0:-:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "9119E75A-14D2-4C8A-9AD0-97257DE45EC9"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:freebsd:freebsd:14.0:-:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "FA25530A-133C-4D7C-8993-D5C42D79A0B5"
}
],
"operator": "OR"
}
],
"operator": "AND"
}
]