Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
copy_file_range insufficient capability rights check
Vulnerability Description
Before correction, the copy_file_range system call checked only for the CAP_READ and CAP_WRITE capabilities on the input and output file descriptors, respectively. Using an offset is logically equivalent to seeking, and the system call must additionally require the CAP_SEEK capability. This incorrect privilege check enabled sandboxed processes with only read or write but no seek capability on a file descriptor to read data from or write data to an arbitrary location within the file corresponding to that file descriptor.
CVSS Information
N/A
Vulnerability Type
对于放弃特权的检查不恰当
Vulnerability Title
FreeBSD 安全漏洞
Vulnerability Description
FreeBSD是FreeBSD基金会的一套类Unix操作系统。 FreeBSD存在安全漏洞,该漏洞源于copy_file_range存在权限检查不当问题。
CVSS Information
N/A
Vulnerability Type
N/A