When mounting a remote filesystem using NFS, the kernel did not sanitize remotely provided filenames for the path separator character, "/". This allows readdir(3) and related functions to return filesystem entries with names containing additional path components.
The lack of validation described above gives rise to a confused deputy problem. For example, a program copying files from an NFS mount could be tricked into copying from outside the intended source directory, and/or to a location outside the intended destination directory.
Metrics
Affected Vendors & Products
References
History
Fri, 16 Aug 2024 17:30:00 +0000
Type | Values Removed | Values Added |
---|---|---|
CPEs | cpe:2.3:o:freebsd:freebsd:14.1:*:*:*:*:*:*:* |
|
References |
| |
Metrics |
ssvc
|
Tue, 13 Aug 2024 15:30:00 +0000
Type | Values Removed | Values Added |
---|---|---|
CPEs | cpe:2.3:o:freebsd:freebsd:*:*:*:*:*:*:*:* cpe:2.3:o:freebsd:freebsd:13.3:p1:*:*:*:*:*:* cpe:2.3:o:freebsd:freebsd:13.3:p2:*:*:*:*:*:* cpe:2.3:o:freebsd:freebsd:13.3:p3:*:*:*:*:*:* cpe:2.3:o:freebsd:freebsd:13.3:p4:*:*:*:*:*:* cpe:2.3:o:freebsd:freebsd:14.0:beta5:*:*:*:*:*:* cpe:2.3:o:freebsd:freebsd:14.0:p1:*:*:*:*:*:* cpe:2.3:o:freebsd:freebsd:14.0:p2:*:*:*:*:*:* cpe:2.3:o:freebsd:freebsd:14.0:p3:*:*:*:*:*:* cpe:2.3:o:freebsd:freebsd:14.0:p4:*:*:*:*:*:* cpe:2.3:o:freebsd:freebsd:14.0:p5:*:*:*:*:*:* cpe:2.3:o:freebsd:freebsd:14.0:p6:*:*:*:*:*:* cpe:2.3:o:freebsd:freebsd:14.0:p7:*:*:*:*:*:* cpe:2.3:o:freebsd:freebsd:14.0:p8:*:*:*:*:*:* cpe:2.3:o:freebsd:freebsd:14.0:rc3:*:*:*:*:*:* cpe:2.3:o:freebsd:freebsd:14.0:rc4-p1:*:*:*:*:*:* cpe:2.3:o:freebsd:freebsd:14.1:p1:*:*:*:*:*:* cpe:2.3:o:freebsd:freebsd:14.1:p2:*:*:*:*:*:* |
Mon, 12 Aug 2024 15:30:00 +0000
Type | Values Removed | Values Added |
---|---|---|
First Time appeared |
Freebsd
Freebsd freebsd |
|
Weaknesses | CWE-22 | |
CPEs | cpe:2.3:o:freebsd:freebsd:13.3:*:*:*:*:*:*:* cpe:2.3:o:freebsd:freebsd:14.1:*:*:*:*:*:*:* |
|
Vendors & Products |
Freebsd
Freebsd freebsd |
|
Metrics |
cvssV3_1
|
Sun, 11 Aug 2024 03:00:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Description | When mounting a remote filesystem using NFS, the kernel did not sanitize remotely provided filenames for the path separator character, "/". This allows readdir(3) and related functions to return filesystem entries with names containing additional path components. The lack of validation described above gives rise to a confused deputy problem. For example, a program copying files from an NFS mount could be tricked into copying from outside the intended source directory, and/or to a location outside the intended destination directory. | |
Title | NFS client accepts file names containing path separators | |
References |
|
MITRE
Status: PUBLISHED
Assigner: freebsd
Published: 2024-08-11T02:45:15.024Z
Updated: 2024-08-16T17:02:45.727Z
Reserved: 2024-07-15T14:18:19.971Z
Link: CVE-2024-6759
Vulnrichment
Updated: 2024-08-16T17:02:45.727Z
NVD
Status : Modified
Published: 2024-08-12T13:38:40.380
Modified: 2024-11-21T09:50:15.657
Link: CVE-2024-6759
Redhat
No data.