vulnerability
FreeBSD: VID-F4464E49-7E04-11EE-8E38-002590C1F29C (CVE-2023-5978): FreeBSD -- Incorrect libcap_net limitation list manipulation
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 8 | (AV:N/AC:L/Au:N/C:N/I:C/A:N) | Nov 8, 2023 | Nov 9, 2023 | Jan 28, 2025 |
Severity
8
CVSS
(AV:N/AC:L/Au:N/C:N/I:C/A:N)
Published
Nov 8, 2023
Added
Nov 9, 2023
Modified
Jan 28, 2025
Description
In versions of FreeBSD 13-RELEASE before 13-RELEASE-p5, under certain circumstances the cap_net libcasper(3) service incorrectly validates that updated constraints are strictly subsets of the active constraints. When only a list of resolvable domain names was specified without setting any other limitations, an application could submit a new list of domains including include entries not previously listed. This could permit the application to resolve domain names that were previously restricted.
Solution
freebsd-upgrade-base-13_2-release-p5
References
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.