On an msdosfs filesystem, the 'truncate' or 'ftruncate' system calls under certain circumstances populate the additional space in the file with unallocated data from the underlying disk device, rather than zero bytes. This may permit a user with write access to files on a msdosfs filesystem to read unintended data (e.g. from a previously deleted file).
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: freebsd

Published: 2023-10-04T03:38:09.357Z

Updated: 2024-08-02T07:59:43.658Z

Reserved: 2023-10-03T21:14:20.733Z

Link: CVE-2023-5368

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2023-10-04T04:15:14.143

Modified: 2024-11-21T08:41:37.510

Link: CVE-2023-5368

cve-icon Redhat

No data.