FreeBSD: VID-f4464e49-7e04-11ee-8e38-002590c1f29c (CVE-2023-5978): FreeBSD -- Incorrect libcap_net limitation list manipulation
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 8 | (AV:N/AC:L/Au:N/C:N/I:C/A:N) | Nov 8, 2023 | Nov 9, 2023 | Dec 10, 2025 |
Description
Problem Description: Casper services allow limiting the operations that a process can perform. Each service maintains a specific list of permitted operations. Certain operations can be further restricted, such as specifying which domain names can be resolved. During the verification of limits, the service must ensure that the new set of constraints is a subset of the previous one. In the case of the cap_net service, the currently limited set of domain names was fetched incorrectly.

Impact: In certain scenarios, if only a list of resolvable domain names was specified without setting any other limitations, the application could submit a new list of domains including entries not previously in the list.
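
The subset rule described above, as an added example: a simplified model written for this page, not libcap_net or Casper source code and not a reproduction of the actual defect. The names `name_limit`, `name_allowed` and `limit_apply`, the fixed-size list, and the use of `EPERM` as the rejection code are assumptions made for illustration.

```c
#include <errno.h>
#include <stddef.h>
#include <string.h>

#define MAX_NAMES 8

/* Hypothetical model of a per-process limit: an optional allow-list of names. */
struct name_limit {
    int restricted;                 /* 0 = no name list has been set yet */
    size_t count;
    const char *names[MAX_NAMES];
};

/* Is `name` permitted under the limit currently in force? */
static int name_allowed(const struct name_limit *lim, const char *name)
{
    if (!lim->restricted)
        return 1;                   /* nothing limited yet: any name passes */
    for (size_t i = 0; i < lim->count; i++)
        if (strcmp(lim->names[i], name) == 0)
            return 1;
    return 0;
}

/*
 * Apply a requested name list. Every requested name is validated against
 * the CURRENT limit (cur), never against the request itself, so the
 * permitted set can only shrink. The whole request is checked before any
 * state changes, so a rejected request leaves the old limit untouched.
 * Returns 0 on success, EPERM (stand-in error code) on a widening attempt.
 */
int limit_apply(struct name_limit *cur, const char *const *req, size_t n)
{
    if (n > MAX_NAMES)
        return E2BIG;
    for (size_t i = 0; i < n; i++)
        if (!name_allowed(cur, req[i]))
            return EPERM;
    cur->restricted = 1;
    cur->count = n;
    for (size_t i = 0; i < n; i++)
        cur->names[i] = req[i];
    return 0;
}
```

A regression test for this class of bug sets only a name list, then submits a list containing one new entry and expects rejection with the original list still in force.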
Solution
freebsd-upgrade-base-13_2-release-p5