CVE Vulnerabilities

CVE-2013-5710

Published: Sep 23, 2013 | Modified: Oct 24, 2013
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
3.7 LOW
AV:L/AC:H/Au:N/C:P/I:P/A:P
RedHat/V2
RedHat/V3
Ubuntu

The nullfs implementation in sys/fs/nullfs/null_vnops.c in the kernel in FreeBSD 8.3 through 9.2 allows local users with certain permissions to bypass access restrictions via a hardlink in a nullfs instance to a file in a different instance.

Affected Software

Name Vendor Start Version End Version
Freebsd Freebsd 8.0 (including) 8.0 (including)
Freebsd Freebsd 8.3 (including) 8.3 (including)
Freebsd Freebsd 8.4 (including) 8.4 (including)
Freebsd Freebsd 9.0 (including) 9.0 (including)
Freebsd Freebsd 9.1 (including) 9.1 (including)
Freebsd Freebsd 9.2 (including) 9.2 (including)

References