CVE-2013-5710
FreeBSD 8.3-9.2 - Unauthenticated Access Restriction Bypass via nullfs Hardlink
Title source: llmDescription
The nullfs implementation in sys/fs/nullfs/null_vnops.c in the kernel in FreeBSD 8.3 through 9.2 allows local users with certain permissions to bypass access restrictions via a hardlink in a nullfs instance to a file in a different instance.
References (5)
Core 5
Core References
Third Party Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/54861
Third Party Advisory, VDB Entry vdb-entry
x_refsource_sectrack
http://www.securitytracker.com/id/1029015
Third Party Advisory vendor-advisory
x_refsource_debian
http://www.debian.org/security/2013/dsa-2769
Vendor Advisory vendor-advisory
x_refsource_freebsd
http://www.freebsd.org/security/advisories/FreeBSD-SA-13:13.nullfs.asc
Various Sources x_refsource_confirm
http://svnweb.freebsd.org/base?view=revision&revision=255442
Scores
EPSS
0.0005
EPSS Percentile
16.3%
Details
CWE
CWE-264
Status
published
Products (6)
freebsd/freebsd
8.0
freebsd/freebsd
8.3
freebsd/freebsd
8.4
freebsd/freebsd
9.0
freebsd/freebsd
9.1
freebsd/freebsd
9.2
Published
Sep 23, 2013
Tracked Since
Feb 18, 2026