CVE Daily – OpenZFS

[High] CVE-2023-49298 – OpenZFS through 2.1.13 and 2.2.x through 2.2.1, in certain scenarios involving a...

Fri, 24 Nov 2023 19:15:07 +0000

High CVE-2023-49298

OpenZFS through 2.1.13 and 2.2.x through 2.2.1, in certain scenarios involving applications that try to rely on efficient copying of file data, can replace file contents with zero-valued bytes and thus potentially disable security mechanisms. NOTE: this issue is not always security related, but can be security related in realistic situations. A possible example is cp, from a recent GNU Core Utili…

CVSS: 7.5 · CWE: CWE-639

View on NVD

[High] CVE-2013-20001 – An issue was discovered in OpenZFS through 2.0.3. When an NFS share is exported ...

Fri, 12 Feb 2021 20:15:12 +0000

High CVE-2013-20001

An issue was discovered in OpenZFS through 2.0.3. When an NFS share is exported to IPv6 addresses via the sharenfs feature, there is a silent failure to parse the IPv6 address data, and access is allowed to everyone. IPv6 restrictions from the configuration are not applied.

CVSS: 7.5 · CWE: N/A

View on NVD

[High] CVE-2020-24717 – OpenZFS before 2.0.0-rc1, when used on FreeBSD, misinterprets group permissions ...

Thu, 27 Aug 2020 19:15:12 +0000

High CVE-2020-24717

OpenZFS before 2.0.0-rc1, when used on FreeBSD, misinterprets group permissions as user permissions, as demonstrated by mode 0770 being equivalent to mode 0777.

CVSS: 7.8 · CWE: CWE-276

View on NVD

[High] CVE-2020-24716 – OpenZFS before 2.0.0-rc1, when used on FreeBSD, allows execute permissions for a...

Thu, 27 Aug 2020 19:15:11 +0000

High CVE-2020-24716

OpenZFS before 2.0.0-rc1, when used on FreeBSD, allows execute permissions for all directories.

CVSS: 7.8 · CWE: CWE-863

View on NVD