CVE-2020-24717
- Source
- https://nvd.nist.gov/vuln/detail/CVE-2020-24717
- Import Source
- https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2020-24717.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/CVE-2020-24717
- Published
- 2020-08-27T19:15:12Z
- Modified
- 2025-10-13T10:07:41.858794Z
- Severity
-
- 7.8 (High) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVSS Calculator
- Summary
- [none]
- Details
-
OpenZFS before 2.0.0-rc1, when used on FreeBSD, misinterprets group permissions as user permissions, as demonstrated by mode 0770 being equivalent to mode 0777.
- References
Affected packages
Git / github.com/openzfs/zfs
Affected ranges
- Type
- GIT
- Repo
- https://github.com/openzfs/zfs
- Events
-
Introduced0 Unknown introduced commit / All previous commits are affectedFixed
Affected versions
zfs-0.*
zfs-0.5.1
zfs-0.5.2
zfs-0.6.0-rc1
zfs-0.6.0-rc10
zfs-0.6.0-rc11
zfs-0.6.0-rc12
zfs-0.6.0-rc13
zfs-0.6.0-rc14
zfs-0.6.0-rc2
zfs-0.6.0-rc3
zfs-0.6.0-rc4
zfs-0.6.0-rc5
zfs-0.6.0-rc6
zfs-0.6.0-rc7
zfs-0.6.0-rc8
zfs-0.6.0-rc9
zfs-0.6.1
zfs-0.6.2
zfs-0.6.3
zfs-0.6.4
zfs-0.6.5
zfs-0.7.0
zfs-0.7.0-rc1
zfs-0.7.0-rc2
zfs-0.7.0-rc3
zfs-0.7.0-rc4
zfs-0.7.0-rc5
zfs-0.8.0
zfs-0.8.0-rc1
zfs-0.8.0-rc2
zfs-0.8.0-rc3
zfs-0.8.0-rc4
zfs-0.8.0-rc5
Database specific
{
"vanir_signatures": [
{
"signature_type": "Line",
"source": "https://github.com/openzfs/zfs/commit/716b53d0a14c72bda16c0872565dd1909757e73f",
"deprecated": false,
"signature_version": "v1",
"digest": {
"threshold": 0.9,
"line_hashes": [
"14947816806673120406370811508203819066",
"96200389605903043584837376115092533396",
"204015018033025168478357563060185215645",
"213792348281867928343958627746598474162",
"40366117685173643811702042979987250262",
"27614476723014617449599146235707990609",
"259342273339894490865416985456449876896",
"225956267864826418371104073108770186152",
"9785920486182148365469501903769213985",
"226277346227951747896771506412512680141",
"296214258305957843306501431214509540",
"15089301218816107409658807214191686437",
"261180639419532710256129540630407211219",
"207787154188325703920657551961512820900",
"170195753782085597155096012472496488929",
"281366471339449381834028240445441508129",
"326207984400856381845811194011867068535",
"207145956815463740362959192537035674339",
"96937257554587488087287743666357505830",
"47501517753883561559505623250025297930",
"100765070867974891727532508558126330401",
"29570645279901247094051748542181628716",
"328081266545621556848172887760498375135",
"95029139321078040983444153196667798525",
"61007780918810805458594783520539228781",
"300802757857035384126710444624519026472",
"108075817379161463486727022559327416495",
"8698397139620396198104063501407025457",
"47095309075068507980643086554185251780",
"107262379937396342800508788967807721077",
"1793804075059462453765758880830930332",
"7458084808584354217910823082945033395"
]
},
"id": "CVE-2020-24717-1d0d138c",
"target": {
"file": "module/zfs/zfs_fuid.c"
}
},
{
"signature_type": "Function",
"source": "https://github.com/openzfs/zfs/commit/716b53d0a14c72bda16c0872565dd1909757e73f",
"deprecated": false,
"signature_version": "v1",
"digest": {
"function_hash": "177093946519375695587758092840596088296",
"length": 964.0
},
"id": "CVE-2020-24717-37f17f24",
"target": {
"function": "zfs_fastaccesschk_execute",
"file": "module/os/freebsd/zfs/zfs_acl.c"
}
},
{
"signature_type": "Function",
"source": "https://github.com/openzfs/zfs/commit/716b53d0a14c72bda16c0872565dd1909757e73f",
"deprecated": false,
"signature_version": "v1",
"digest": {
"function_hash": "252718108539378505776932269722277718846",
"length": 338.0
},
"id": "CVE-2020-24717-5f74b0c9",
"target": {
"function": "zfs_fuid_create_cred",
"file": "module/os/freebsd/zfs/zfs_fuid_os.c"
}
},
{
"signature_type": "Line",
"source": "https://github.com/openzfs/zfs/commit/716b53d0a14c72bda16c0872565dd1909757e73f",
"deprecated": false,
"signature_version": "v1",
"digest": {
"threshold": 0.9,
"line_hashes": [
"180850889462017338190405037285747967003",
"109088149123638930509023270328869940195",
"140407890574884335598762436681443124778",
"79516093963539455527348760113738682237",
"312980824909533284286094412273173402365",
"69795545824498638161745328965668502563",
"300260647441130707999237271298896894591",
"204056634192673201165916395316629635391",
"169861891198239816434063297746277370721",
"207379323394653066375312939655656029746",
"247275674521633927222694708810625480446",
"204718479141128550684778757170692998776",
"248614199980079247360386517395914687166",
"99584419755231356171583500590232153523",
"186429088045592130216036983516686168920",
"110902127035271302389478880163167835491",
"224201605274655428495760903684467436825",
"116934288923320764830792701120179057061",
"141040174352687604346684420991335363251"
]
},
"id": "CVE-2020-24717-65b79426",
"target": {
"file": "module/os/freebsd/zfs/zfs_fuid_os.c"
}
},
{
"signature_type": "Line",
"source": "https://github.com/openzfs/zfs/commit/716b53d0a14c72bda16c0872565dd1909757e73f",
"deprecated": false,
"signature_version": "v1",
"digest": {
"threshold": 0.9,
"line_hashes": [
"229378851184895287186047618388068200881",
"40082097660818748936939727973792726179",
"120083861810167073165459821031464039152",
"7285279292234693690736447556180356097",
"113366598133379122617937292780818798207",
"77974973956427672163667598693042170779",
"312773830947834335148085810395816395808",
"260898932790641298616512065329823803698",
"166014658103497319027688477161713392301",
"236028263683336670417424683815666725110",
"205980303750862186422444098283403665521",
"39418519599096444826679742499646240125",
"186530034864111932839279186245383296934",
"8387912657264694421610698427947615180",
"99707067162587165364386633243094101807",
"242856378513978650439927297044408783777",
"9873918264866920035608226200763462457",
"214987965622870436559664269137857728370",
"54572981739932285037896130832085053776",
"158525400517782616642803759634289516190",
"263645071259497555695542072416811721655",
"329852238853301835407779400358818013325",
"87826060595585752012190274820324082148",
"143220701861440839903248970494095752415",
"125750874647278324149688739465190955208",
"214987965622870436559664269137857728370",
"54572981739932285037896130832085053776",
"286430242476601475604082976707415945626",
"232261400798631568062636832660563081908",
"193271272394019485843533542664804973245",
"162603725341419685045718565704257461235",
"60140751822919199873842116540232650354",
"109388128052665260361439665827095668367",
"245143454745302651278961458487417307212",
"140440513210670967449317973097679626120",
"194524734168547440285823328653729250058",
"37921098608795373587100696383547285217",
"195867406024514539379578510449215781635",
"193052262900803986772872015098948642491",
"338905150354377826086728834683969407125"
]
},
"id": "CVE-2020-24717-73da69af",
"target": {
"file": "module/os/freebsd/zfs/zfs_acl.c"
}
},
{
"signature_type": "Function",
"source": "https://github.com/openzfs/zfs/commit/716b53d0a14c72bda16c0872565dd1909757e73f",
"deprecated": false,
"signature_version": "v1",
"digest": {
"function_hash": "335840159863553547510183609113130359355",
"length": 911.0
},
"id": "CVE-2020-24717-9cca011c",
"target": {
"function": "zfs_groupmember",
"file": "module/zfs/zfs_fuid.c"
}
},
{
"signature_type": "Line",
"source": "https://github.com/openzfs/zfs/commit/716b53d0a14c72bda16c0872565dd1909757e73f",
"deprecated": false,
"signature_version": "v1",
"digest": {
"threshold": 0.9,
"line_hashes": [
"146560365501714708539351790764324404691"
]
},
"id": "CVE-2020-24717-ae05479c",
"target": {
"file": "include/os/freebsd/spl/sys/sid.h"
}
},
{
"signature_type": "Function",
"source": "https://github.com/openzfs/zfs/commit/716b53d0a14c72bda16c0872565dd1909757e73f",
"deprecated": false,
"signature_version": "v1",
"digest": {
"function_hash": "41140515957495169468064196361279925716",
"length": 1532.0
},
"id": "CVE-2020-24717-e3c844ec",
"target": {
"function": "zfs_fuid_create",
"file": "module/zfs/zfs_fuid.c"
}
},
{
"signature_type": "Function",
"source": "https://github.com/openzfs/zfs/commit/716b53d0a14c72bda16c0872565dd1909757e73f",
"deprecated": false,
"signature_version": "v1",
"digest": {
"function_hash": "110376842435197215406049143798371644274",
"length": 547.0
},
"id": "CVE-2020-24717-e5bf9173",
"target": {
"function": "zfs_fuid_map_id",
"file": "module/zfs/zfs_fuid.c"
}
}
]
}