CVE-2023-5368 - OpenCVE

On an msdosfs filesystem, the 'truncate' or 'ftruncate' system calls under certain circumstances populate the additional space in the file with unallocated data from the underlying disk device, rather than zero bytes. This may permit a user with write access to files on a msdosfs filesystem to read unintended data (e.g. from a previously deleted file).

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact High

Integrity Impact None

Availability Impact None

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Freebsd	Freebsd

Configuration 1 [-]

OR	cpe:2.3:o:freebsd:freebsd::::::::
	cpe:2.3:o:freebsd:freebsd::::::::
	cpe:2.3:o:freebsd:freebsd:12.4:-::::::
	cpe:2.3:o:freebsd:freebsd:12.4:p1::::::
	cpe:2.3:o:freebsd:freebsd:12.4:p2::::::
	cpe:2.3:o:freebsd:freebsd:12.4:p3::::::
	cpe:2.3:o:freebsd:freebsd:12.4:p4::::::
	cpe:2.3:o:freebsd:freebsd:12.4:p5::::::
	cpe:2.3:o:freebsd:freebsd:13.2:-::::::
	cpe:2.3:o:freebsd:freebsd:13.2:p1::::::
	cpe:2.3:o:freebsd:freebsd:13.2:p2::::::
	cpe:2.3:o:freebsd:freebsd:13.2:p3::::::

No data.

References

Link	Providers
https://dfir.ru/2023/11/01/bringing-unallocated-data-back-the-fat12-16-32-case/
https://security.FreeBSD.org/advisories/FreeBSD-SA-23:12.msdosfs.asc
https://security.netapp.com/advisory/ntap-20231124-0004/

History

No history.

MITRE

Status: PUBLISHED

Assigner: freebsd

Published: 2023-10-04T03:38:09.357Z

Updated: 2024-08-02T07:59:43.658Z

Reserved: 2023-10-03T21:14:20.733Z

Link: CVE-2023-5368

Vulnrichment

No data.

NVD

Status : Modified

Published: 2023-10-04T04:15:14.143

Modified: 2023-11-29T21:15:07.940

Link: CVE-2023-5368

Redhat

No data.

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2023-5368", "assignerOrgId": "63664ac6-956c-4cba-a5d0-f46076e16109", "state": "PUBLISHED", "assignerShortName": "freebsd", "dateReserved": "2023-10-03T21:14:20.733Z", "datePublished": "2023-10-04T03:38:09.357Z", "dateUpdated": "2024-08-02T07:59:43.658Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "unknown", "modules": ["msdosfs"], "product": "FreeBSD", "vendor": "FreeBSD", "versions": [{"lessThan": "p4", "status": "affected", "version": "13.2-RELEASE", "versionType": "release"}, {"lessThan": "p6", "status": "affected", "version": "12.4-RELEASE", "versionType": "release"}]}], "credits": [{"lang": "en", "type": "finder", "user": "00000000-0000-4000-9000-000000000000", "value": "Maxim Suhanov"}], "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "<p>On an msdosfs filesystem, the 'truncate' or 'ftruncate' system calls under certain circumstances populate the additional space in the file with unallocated data from the underlying disk device, rather than zero bytes.</p><p>This may permit a user with write access to files on a msdosfs filesystem to read unintended data (e.g. from a previously deleted file).</p>"}], "value": "On an msdosfs filesystem, the 'truncate' or 'ftruncate' system calls under certain circumstances populate the additional space in the file with unallocated data from the underlying disk device, rather than zero bytes.\n\nThis may permit a user with write access to files on a msdosfs filesystem to read unintended data (e.g. from a previously deleted file).\n\n"}], "problemTypes": [{"descriptions": [{"cweId": "CWE-1188", "description": "CWE-1188 Insecure Default Initialization of Resource", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "63664ac6-956c-4cba-a5d0-f46076e16109", "shortName": "freebsd", "dateUpdated": "2023-11-29T20:59:57.519Z"}, "references": [{"tags": ["vendor-advisory"], "url": "https://security.FreeBSD.org/advisories/FreeBSD-SA-23:12.msdosfs.asc"}, {"url": "https://security.netapp.com/advisory/ntap-20231124-0004/"}, {"url": "https://dfir.ru/2023/11/01/bringing-unallocated-data-back-the-fat12-16-32-case/"}], "source": {"discovery": "UNKNOWN"}, "title": "msdosfs data disclosure", "x_generator": {"engine": "Vulnogram 0.1.0-dev"}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T07:59:43.658Z"}, "title": "CVE Program Container", "references": [{"tags": ["vendor-advisory", "x_transferred"], "url": "https://security.FreeBSD.org/advisories/FreeBSD-SA-23:12.msdosfs.asc"}, {"url": "https://security.netapp.com/advisory/ntap-20231124-0004/", "tags": ["x_transferred"]}, {"url": "https://dfir.ru/2023/11/01/bringing-unallocated-data-back-the-fat12-16-32-case/", "tags": ["x_transferred"]}]}]}}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:freebsd:freebsd:*:*:*:*:*:*:*:*", "matchCriteriaId": "A7F6C8B0-9D75-476C-ADBA-754416FBC186", "versionEndExcluding": "12.4", "vulnerable": true}, {"criteria": "cpe:2.3:o:freebsd:freebsd:*:*:*:*:*:*:*:*", "matchCriteriaId": "BA49E374-9F1A-4F62-B88D-CD36EDEA6060", "versionEndExcluding": "13.2", "versionStartIncluding": "13.0", "vulnerable": true}, {"criteria": "cpe:2.3:o:freebsd:freebsd:12.4:-:*:*:*:*:*:*", "matchCriteriaId": "24920B4D-96C0-401F-B679-BEB086760EAF", "vulnerable": true}, {"criteria": "cpe:2.3:o:freebsd:freebsd:12.4:p1:*:*:*:*:*:*", "matchCriteriaId": "3CE32730-A9F5-4E8D-BDA4-6B8232F84787", "vulnerable": true}, {"criteria": "cpe:2.3:o:freebsd:freebsd:12.4:p2:*:*:*:*:*:*", "matchCriteriaId": "552E81DE-D409-475F-8ED0-E10A0BE43D29", "vulnerable": true}, {"criteria": "cpe:2.3:o:freebsd:freebsd:12.4:p3:*:*:*:*:*:*", "matchCriteriaId": "251CAE22-C3E6-45AD-8301-F36BEE5C6860", "vulnerable": true}, {"criteria": "cpe:2.3:o:freebsd:freebsd:12.4:p4:*:*:*:*:*:*", "matchCriteriaId": "85D94BCA-FA32-4C10-95CD-5D2A69B38A7A", "vulnerable": true}, {"criteria": "cpe:2.3:o:freebsd:freebsd:12.4:p5:*:*:*:*:*:*", "matchCriteriaId": "8C950F97-40B4-43BF-BB81-C49CE00A468B", "vulnerable": true}, {"criteria": "cpe:2.3:o:freebsd:freebsd:13.2:-:*:*:*:*:*:*", "matchCriteriaId": "A87EFA20-DD6B-41C5-98FD-A29F67D2E732", "vulnerable": true}, {"criteria": "cpe:2.3:o:freebsd:freebsd:13.2:p1:*:*:*:*:*:*", "matchCriteriaId": "2888B0C1-4D85-42EC-9696-03FAD0A9C28F", "vulnerable": true}, {"criteria": "cpe:2.3:o:freebsd:freebsd:13.2:p2:*:*:*:*:*:*", "matchCriteriaId": "A3306F11-D3C0-41D6-BB5E-2ABDC3927715", "vulnerable": true}, {"criteria": "cpe:2.3:o:freebsd:freebsd:13.2:p3:*:*:*:*:*:*", "matchCriteriaId": "9E584FE1-3A34-492B-B10F-508DA7CBA768", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "On an msdosfs filesystem, the 'truncate' or 'ftruncate' system calls under certain circumstances populate the additional space in the file with unallocated data from the underlying disk device, rather than zero bytes.\n\nThis may permit a user with write access to files on a msdosfs filesystem to read unintended data (e.g. from a previously deleted file).\n\n"}, {"lang": "es", "value": "En un sistema de archivos msdosfs, las llamadas al sistema 'truncate' o 'ftruncate' bajo ciertas circunstancias llenan el espacio adicional en el archivo con datos no asignados del dispositivo de disco subyacente, en lugar de cero bytes. Esto puede permitir que un usuario con acceso de escritura a archivos en un sistema de archivos msdosfs lea datos no deseados (por ejemplo, de un archivo previamente eliminado)."}], "id": "CVE-2023-5368", "lastModified": "2023-11-29T21:15:07.940", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2023-10-04T04:15:14.143", "references": [{"source": "secteam@freebsd.org", "url": "https://dfir.ru/2023/11/01/bringing-unallocated-data-back-the-fat12-16-32-case/"}, {"source": "secteam@freebsd.org", "tags": ["Patch"], "url": "https://security.FreeBSD.org/advisories/FreeBSD-SA-23:12.msdosfs.asc"}, {"source": "secteam@freebsd.org", "url": "https://security.netapp.com/advisory/ntap-20231124-0004/"}], "sourceIdentifier": "secteam@freebsd.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-1188"}], "source": "nvd@nist.gov", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-1188"}], "source": "secteam@freebsd.org", "type": "Secondary"}]}