CVE-2023-49298
Published: 24 November 2023
OpenZFS through 2.1.13 and 2.2.x through 2.2.1, in certain scenarios involving applications that try to rely on efficient copying of file data, can replace file contents with zero-valued bytes and thus potentially disable security mechanisms. NOTE: this issue is not always security related, but can be security related in realistic situations. A possible example is cp, from a recent GNU Core Utilities (coreutils) version, when attempting to preserve a rule set for denying unauthorized access. (One might use cp when configuring access control, such as with the /etc/hosts.deny file specified in the IBM Support reference.) NOTE: this issue occurs less often in version 2.2.1, and in versions before 2.1.4, because of the default configuration in those versions.
Notes
Author | Note |
---|---|
mdeslaur | This was fixed by an SRU in bug 2044657. For jammy and mantic, the packages were subsequently released in the -security pocket, but for focal, it is still in -updates, but the issue isn't seen in the focal version because of the default configuration, so marking as released. No USN has been published for these updates. |
Priority
Status
Package | Release | Status |
---|---|---|
zfs-linux Launchpad, Ubuntu, Debian | bionic | Needed |
 | focal | Released (0.8.3-1ubuntu12.17) |
 | jammy | Released (2.1.5-1ubuntu6~22.04.4) |
 | lunar | Ignored (end of life, was needed) |
 | mantic | Released (2.2.0-0ubuntu1~23.10.3) |
 | noble | Released (2.2.2-0ubuntu2) |
 | trusty | Ignored (end of standard support) |
 | upstream | Released (2.1.14, 2.2.2) |
 | xenial | Needed |

Patches:
- upstream: https://github.com/openzfs/zfs/pull/15571
- upstream: https://github.com/openzfs/zfs/commit/77b0c6f0403b2b7d145bf6c244b6acbc757ccdc9
- upstream: https://github.com/openzfs/zfs/commit/9b9b09f452a469458451c221debfbab944e7f081
Severity score breakdown
Parameter | Value |
---|---|
Base score | 7.5 |
Attack vector | Network |
Attack complexity | Low |
Privileges required | None |
User interaction | None |
Scope | Unchanged |
Confidentiality | None |
Integrity impact | High |
Availability impact | None |
Vector | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N |
References
- https://news.ycombinator.com/item?id=38405731
- https://web.archive.org/web/20231124172959/https://www.ibm.com/support/pages/how-remove-missing%C2%A0newline%C2%A0or%C2%A0line%C2%A0too%C2%A0long-error-etchostsallow%C2%A0and%C2%A0etchostsdeny-files
- https://github.com/openzfs/zfs/releases/tag/zfs-2.2.2
- https://gist.github.com/rincebrain/e23b4a39aba3fadc04db18574d30dc73
- https://www.cve.org/CVERecord?id=CVE-2023-49298
- NVD
- Launchpad
- Debian