CVE-2023-6660

Name of the Vulnerable Software and Affected Versions FreeBSD (affected versions not specified)

Description The issue is related to a bug in the NFS client of FreeBSD operating systems, which can cause the NFS client to fail to copy data to be written but proceed as though the copy operation had succeeded. This can lead to the disclosure of sensitive information. The leak is limited to data previously stored in mbufs, which are used for network transmission and reception, and for certain types of inter-process communication. The bug can be triggered unintentionally by system applications, resulting in corrupted data being written over the network to the NFS server, making it susceptible to being snooped by other hosts on the network.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.