{"dataType":"CVE_RECORD","dataVersion":"5.1","cveMetadata":{"cveId":"CVE-2023-5978","assignerOrgId":"63664ac6-956c-4cba-a5d0-f46076e16109","state":"PUBLISHED","assignerShortName":"freebsd","dateReserved":"2023-11-07T02:39:14.800Z","datePublished":"2023-11-08T08:52:46.920Z","dateUpdated":"2025-02-13T17:25:59.631Z"},"containers":{"cna":{"affected":[{"defaultStatus":"unknown","modules":["libcap_net"],"product":"FreeBSD","vendor":"FreeBSD","versions":[{"lessThan":"p5","status":"affected","version":"13.2-RELEASE","versionType":"release"}]}],"credits":[{"lang":"en","type":"finder","user":"00000000-0000-4000-9000-000000000000","value":"Shawn Webb"},{"lang":"en","type":"finder","user":"00000000-0000-4000-9000-000000000000","value":"Mariusz Zaborski"}],"descriptions":[{"lang":"en","value":"In versions of FreeBSD 13-RELEASE before 13-RELEASE-p5, under certain circumstances the cap_net libcasper(3) service incorrectly validates that updated constraints are strictly subsets of the active constraints.  When only a list of resolvable domain names was specified without setting any other limitations, an application could submit a new list of domains including entries not previously listed.  \nThis could permit the application to resolve domain names that were previously restricted."}],"problemTypes":[{"descriptions":[{"cweId":"CWE-269","description":"CWE-269 Improper Privilege Management","lang":"en","type":"CWE"}]}],"providerMetadata":{"orgId":"63664ac6-956c-4cba-a5d0-f46076e16109","shortName":"freebsd","dateUpdated":"2023-12-14T10:06:37.231Z"},"references":[{"tags":["vendor-advisory"],"url":"https://security.freebsd.org/advisories/FreeBSD-SA-23:16.cap_net.asc"},{"url":"https://security.netapp.com/advisory/ntap-20231214-0003/"}],"source":{"discovery":"UNKNOWN"},"title":"Incorrect libcap_net limitation list manipulation","x_generator":{"engine":"Vulnogram 0.1.0-dev"}},"adp":[{"providerMetadata":{"orgId":"af854a3a-2127-422b-91ae-364da2661108","shortName":"CVE","dateUpdated":"2024-08-02T08:14:25.164Z"},"title":"CVE Program Container","references":[{"tags":["vendor-advisory","x_transferred"],"url":"https://security.freebsd.org/advisories/FreeBSD-SA-23:16.cap_net.asc"},{"url":"https://security.netapp.com/advisory/ntap-20231214-0003/","tags":["x_transferred"]}]}]}}