CVE-2023-5368

Name of the Vulnerable Software and Affected Versions msdosfs (affected versions not specified)

Description The issue arises when the 'truncate' or 'ftruncate' system calls are used on an msdosfs filesystem under certain circumstances. Instead of populating the additional space in the file with zero bytes, these calls fill the space with unallocated data from the underlying disk device. This may allow a user with write access to files on the msdosfs filesystem to read unintended data, such as from a previously deleted file.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.