Openzfs
Monthly
OpenZFS through 2.1.13 and 2.2.x through 2.2.1, in certain scenarios involving applications that try to rely on efficient copying of file data, can replace file contents with zero-valued bytes and. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.
OpenZFS before 2.0.0-rc1, when used on FreeBSD, misinterprets group permissions as user permissions, as demonstrated by mode 0770 being equivalent to mode 0777. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available.
OpenZFS before 2.0.0-rc1, when used on FreeBSD, allows execute permissions for all directories. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available.
OpenZFS through 2.1.13 and 2.2.x through 2.2.1, in certain scenarios involving applications that try to rely on efficient copying of file data, can replace file contents with zero-valued bytes and. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.
OpenZFS before 2.0.0-rc1, when used on FreeBSD, misinterprets group permissions as user permissions, as demonstrated by mode 0770 being equivalent to mode 0777. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available.
OpenZFS before 2.0.0-rc1, when used on FreeBSD, allows execute permissions for all directories. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available.