On an msdosfs filesystem, the 'truncate' or 'ftruncate' system calls under certain circumstances populate the additional space in the file with unallocated data from the underlying disk device, rather than zero bytes.
This may permit a user with write access to files on a msdosfs filesystem to read unintended data (e.g. from a previously deleted file).
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: freebsd
Published: 2023-10-04T03:38:09.357Z
Updated: 2024-08-02T07:59:43.658Z
Reserved: 2023-10-03T21:14:20.733Z
Link: CVE-2023-5368
Vulnrichment
No data.
NVD
Status : Modified
Published: 2023-10-04T04:15:14.143
Modified: 2024-11-21T08:41:37.510
Link: CVE-2023-5368
Redhat
No data.