CVE-2025-0374

CVE-2025-0374: Unprivileged access to system files

Vendor Freebsd
Product FreeBSD
Weakness CWE-732
Published January 30, 2025
Last update February 7, 2025

CVSS base score

What the vulnerability does

01Description

When etcupdate encounters conflicts while merging files, it saves a version containing conflict markers in /var/db/etcupdate/conflicts. This version does not preserve the mode of the input file, and is world-readable. This applies to files that would normally have restricted visibility, such as /etc/master.passwd. An unprivileged local user may be able to read encrypted root and user passwords from the temporary master.passwd file created in /var/db/etcupdate/conflicts. This is possible only when conflicts within the password file arise during an update, and the unprotected file is deleted when conflicts are resolved.

Key dates

02Disclosure timeline

January 30, 2025 CVE published
February 7, 2025 Record updated