Product Security Hub

  • CVEs
  • Errata
  • Articles

CVE-2020-24716 : Insecure Permissions

2020-08-27

Versions Affected : TrueNAS 12.0-BETA1 and 12.0-BETA2

Description

OpenZFS before 2.0.0-rc1, when used on FreeBSD, allows execute permissions for all directories.

Workaround

No workaround is available.

Mitigation

  • Upgrade to 12.0-BETA2.1 or later

Commit

  • Jira Ticket
  • Github Commit
  • Ports Commit

Further information

  • NIST CVE-2020-24716 Entry

Current Products

  • FreeNAS/TrueNAS 11.334
  • TrueCommand 1.21

Categories

  • Contrib2
  • Core9
  • Linuxkpi1
  • Network1
  • OS20
  • Services7

Tags

  • AD1
  • alias2
  • bhyve2
  • build1
  • core4
  • crypto1
  • dhclient1
  • FreeBSD23
  • ftpd1
  • getfsstat1
  • ipfw1
  • kernel8
  • netinte61
  • nmount1
  • ntpd1
  • oce1
  • pfctl1
  • Samba5
  • sctp1
  • sqlite31
  • ssp1
  • tcp1
  • ure1
  • WebUI1

Previous Products

  • FreeNAS/TrueNAS 11.015
  • FreeNAS/TrueNAS 11.122
  • FreeNAS/TrueNAS 11.225
  • TrueCommand 1.01
  • TrueCommand 1.11
  • TRUENAS
  • IXSYSTEMS
  • IX ACCOUNT SERVICES
  • COMMUNITY
  • SECURITY
  • BLOG
©  iXsystems All Rights Reserved
Distributed under CC BY NC SA 4.0. Copyright and Trademark information can be found here.
Privacy Policy