FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

FreeBSD -- copy_file_range insufficient capability rights check

Affected packages
13.2 <= FreeBSD-kernel < 13.2_4


VuXML ID e261e71c-6250-11ee-8e38-002590c1f29c
Discovery 2023-10-03
Entry 2023-10-04

Problem Description:

The syscall checked only for the CAP_READ and CAP_WRITE capabilities on the input and output file descriptors, respectively. Using an offset is logically equivalent to seeking, and the syscall must additionally require the CAP_SEEK capability.


A sandboxed process with only read or write but no seek capability on a file descriptor may be able to read data from or write data to an arbitrary location within the file corresponding to that file descriptor.


CVE Name CVE-2023-5369
FreeBSD Advisory SA-23:13.capsicum