PT-2023-32072 · Linux+1 · Linux Kernel+1
David Chisnall · Published 2023-10-03 · Updated 2023-11-24 · CVE-2023-5369
CVSS v3.1: 7.1 (High)
Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
Name of the Vulnerable Software and Affected Versions
Linux kernel (affected versions not specified)
Description
The issue arises from an incorrect privilege check in the copy_file_range system call, which only verifies the CAP_READ and CAP_WRITE capabilities on the input and output file descriptors. However, using an offset is equivalent to seeking and requires the CAP_SEEK capability. This flaw allows sandboxed processes with limited capabilities to read or write data at arbitrary locations within a file.
Recommendations
At the moment, there is no information about a newer version that contains a fix for this vulnerability.
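The check described under Description, modelled as an added C example (not code from this advisory or from any kernel source). The rights bits, the error value and all function names are constructed for illustration; the example puts a check that ignores offsets beside one that also requires the seek right whenever an offset pointer is supplied.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Constructed model values, not the kernel's real encodings. */
#define MODEL_CAP_READ    (1u << 0)
#define MODEL_CAP_WRITE   (1u << 1)
#define MODEL_CAP_SEEK    (1u << 2)
#define MODEL_ENOTCAPABLE 1        /* hypothetical "rights missing" error */

/* A sandboxed descriptor, reduced to the rights it was limited to. */
struct model_fd { uint32_t rights; };

static int has_rights(const struct model_fd *fd, uint32_t need)
{
    return (fd->rights & need) == need;
}

/* Check as the description states it: offsets play no part. */
int cfr_check_flawed(const struct model_fd *in, const int64_t *inoff,
                     const struct model_fd *out, const int64_t *outoff)
{
    (void)inoff; (void)outoff;
    if (!has_rights(in, MODEL_CAP_READ) || !has_rights(out, MODEL_CAP_WRITE))
        return MODEL_ENOTCAPABLE;
    return 0;
}

/* Corrected model: a non-NULL offset is a seek on that descriptor. */
int cfr_check_fixed(const struct model_fd *in, const int64_t *inoff,
                    const struct model_fd *out, const int64_t *outoff)
{
    uint32_t need_in  = MODEL_CAP_READ  | (inoff  ? MODEL_CAP_SEEK : 0u);
    uint32_t need_out = MODEL_CAP_WRITE | (outoff ? MODEL_CAP_SEEK : 0u);
    if (!has_rights(in, need_in) || !has_rights(out, need_out))
        return MODEL_ENOTCAPABLE;
    return 0;
}

int main(void)
{
    struct model_fd in = { MODEL_CAP_READ }, out = { MODEL_CAP_WRITE };
    int64_t off = 4096;            /* constructed offset */
    printf("flawed, with offsets: %d\n", cfr_check_flawed(&in, &off, &out, &off));
    printf("fixed,  with offsets: %d\n", cfr_check_fixed(&in, &off, &out, &off));
    printf("fixed,  no offsets:   %d\n", cfr_check_fixed(&in, NULL, &out, NULL));
    return 0;
}
```

Descriptors limited to read and write only still pass the corrected check when no offsets are given, so sequential copies inside the sandbox keep working.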
Affected Products
FreeBSD
Linux Kernel