CVE-2023-5978
N/A
N/A
Summary
In versions of FreeBSD 13-RELEASE before 13-RELEASE-p5, under certain circumstances the cap_net libcasper(3) service incorrectly validates that updated constraints are strictly subsets of the active constraints. When only a list of resolvable domain names was specified without setting any other limitations, an application could submit a new list of domains including include entries not previously listed. This could permit the application to resolve domain names that were previously restricted.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| FreeBSD | FreeBSD | 13.2-RELEASE < p5 | affected |
Weaknesses
- CWE-269: CWE-269 Improper Privilege Management
ADP Enrichment
CVE Program Container
Additional References
- https://security.freebsd.org/advisories/FreeBSD-SA-23:16.cap_net.asc
- https://security.netapp.com/advisory/ntap-20231214-0003/
References
- https://security.freebsd.org/advisories/FreeBSD-SA-23:16.cap_net.asc
- https://security.netapp.com/advisory/ntap-20231214-0003/
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.