When mounting a remote filesystem using NFS, the kernel did not sanitize remotely provided filenames for the path separator character, "/". This allows readdir(3) and related functions to return filesystem entries with names containing additional path components. The lack of validation described above gives rise to a confused deputy problem. For example, a program copying files from an NFS mount could be tricked into copying from outside the intended source directory, and/or to a location outside the intended destination directory.
2024-08-12T13:38:40.380
2024-11-21T09:50:15.657
Modified
CVSSv3.1: 5.3 (MEDIUM)
| Type | Vendor | Product | Version/Range | Vulnerable? |
|---|---|---|---|---|
| Operating System | freebsd | freebsd | < 13.0 | Yes |
| Operating System | freebsd | freebsd | < 13.3 | Yes |
| Operating System | freebsd | freebsd | 13.3 | Yes |
| Operating System | freebsd | freebsd | 13.3 | Yes |
| Operating System | freebsd | freebsd | 13.3 | Yes |
| Operating System | freebsd | freebsd | 13.3 | Yes |
| Operating System | freebsd | freebsd | 14.0 | Yes |
| Operating System | freebsd | freebsd | 14.0 | Yes |
| Operating System | freebsd | freebsd | 14.0 | Yes |
| Operating System | freebsd | freebsd | 14.0 | Yes |
| Operating System | freebsd | freebsd | 14.0 | Yes |
| Operating System | freebsd | freebsd | 14.0 | Yes |
| Operating System | freebsd | freebsd | 14.0 | Yes |
| Operating System | freebsd | freebsd | 14.0 | Yes |
| Operating System | freebsd | freebsd | 14.0 | Yes |
| Operating System | freebsd | freebsd | 14.0 | Yes |
| Operating System | freebsd | freebsd | 14.0 | Yes |
| Operating System | freebsd | freebsd | 14.1 | Yes |
| Operating System | freebsd | freebsd | 14.1 | Yes |