Openzfs: >> Openzfs Security Vulnerabilities
OpenZFS through 2.1.13 and 2.2.x through 2.2.1, in certain scenarios involving applications that try to rely on efficient copying of file data, can replace file contents with zero-valued bytes and thus potentially disable security mechanisms. NOTE: this issue is not always security related, but can be security related in realistic situations. A possible example is cp, from a recent GNU Core Utilities (coreutils) version, when attempting to preserve a rule set for denying unauthorized access. (One might use cp when configuring access control, such as with the /etc/hosts.deny file specified in the IBM Support reference.) NOTE: this issue occurs less often in version 2.2.1, and in versions before 2.1.4, because of the default configuration in those versions.
CVSS Score
7.5
EPSS Score
0.006
Published
2023-11-24
An issue was discovered in OpenZFS through 2.0.3. When an NFS share is exported to IPv6 addresses via the sharenfs feature, there is a silent failure to parse the IPv6 address data, and access is allowed to everyone. IPv6 restrictions from the configuration are not applied.
CVSS Score
7.5
EPSS Score
0.002
Published
2021-02-12
OpenZFS before 2.0.0-rc1, when used on FreeBSD, misinterprets group permissions as user permissions, as demonstrated by mode 0770 being equivalent to mode 0777.
CVSS Score
7.8
EPSS Score
0.001
Published
2020-08-27
OpenZFS before 2.0.0-rc1, when used on FreeBSD, allows execute permissions for all directories.
CVSS Score
7.8
EPSS Score
0.001
Published
2020-08-27