CVE-2023-5368

CVE-2023-5368

On an msdosfs filesystem, the ‘truncate’ or ‘ftruncate’ system calls under certain circumstances populate the additional space in the file with unallocated data from the underlying disk device, rather than zero bytes.

This may permit a user with write access to files on a msdosfs filesystem to read unintended data (e.g. from a previously deleted file).

Source: CVE-2023-5368

답글 남기기

이메일 주소는 공개되지 않습니다. 필수 필드는 *로 표시됩니다