Linux · Linux Kernel · CVE-2023-5369
**Name of the Vulnerable Software and Affected Versions**
Linux kernel (affected versions not specified)
**Description**
The issue arises from an incorrect privilege check in the `copy file range` system call, which only verifies the `CAP READ` and `CAP WRITE` capabilities on the input and output file descriptors. However, using an offset is equivalent to seeking and requires the `CAP SEEK` capability. This flaw allows sandboxed processes with limited capabilities to read or write data at arbitrary locations within a file.
**Recommendations**
At the moment, there is no information about a newer version that contains a fix for this vulnerability.