CVE-2023-51786: Lustre: incorrect access control resulting in potential data compromise or privilege escalation

CVE-2023-51786: Lustre: incorrect access control resulting in potential data compromise or privilege escalation

Open Source Security [[{„value“:“

Posted by daniel on Mar 12

According to the post on the Lustre announce mailing list [1], a
vulnerability has been fixed which provides access to files and folders
for which a user has no permission for.

<quote>
Scope of Issue:
Users can gain access to files/folders in the filesystem that they
should not have permission to access based on their user/group ID file
access permissions, leading to potential data compromise or privilege
escalation. This does not…
„}]] Read More 

Schreibe einen Kommentar

Deine E-Mail-Adresse wird nicht veröffentlicht. Erforderliche Felder sind mit * markiert