
Debian Bullseye: Critical zfs-linux Update DLA-4114-1 Released Today

debian lts
April 4, 2025
The security advisory for zfs-linux on Debian LTS reveals critical vulnerabilities threatening system integrity, urging admins to apply updates and patches promptly.
Multiple vulnerabilities were found in zfs-linux, the OpenZFS filesystem for Linux.

Summary

CVE-2013-20001

When an NFS share is exported to IPv6 addresses via the sharenfs
feature, there is a silent failure to parse the IPv6 address data, and
access is allowed to everyone. IPv6 restrictions from the configuration
are not applied. The fix recognizes when the host part of a
sharenfs attribute is an IPv6 literal and passes it through without
modification.

CVE-2023-49298

The fix checks the dnode and its data for dirtiness to prevent
applications from inadvertently replacing file contents with
zero-valued bytes and thus potentially disabling security mechanisms.

For Debian 11 bullseye, these problems have been fixed in version
2.0.3-9+deb11u2.

We recommend that you upgrade your zfs-linux packages.
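
For CVE-2013-20001, the following added example (not part of the advisory or of OpenZFS) lists the datasets whose sharenfs value restricts access by IPv6 literal, so those exports can be re-verified after the upgrade. The sample `zfs get` output, the dataset names and the addresses are constructed, and the option syntax it parses is an assumption stated in the code.

```python
import ipaddress
import re

# Constructed sample of `zfs get -H -o name,value sharenfs` output (tab-separated).
SAMPLE = (
    "tank/home\trw=@192.0.2.0/24,no_root_squash\n"
    "tank/build\trw=[2001:db8::10]:[2001:db8:1::/64],ro=@198.51.100.7\n"
    "tank/scratch\toff\n"
    "tank/media\tro=2001:db8::20\n"
)

# Assumption: rw=/ro= hosts are colon-separated; IPv6 literals are bracketed or alone.
ACCESS_OPT = re.compile(r"^(rw|ro)=(.+)$")
BRACKETED = re.compile(r"\[([^\]]+)\]")

def _is_ipv6(text):
    """True if text (optionally @-prefixed) is an IPv6 address or prefix."""
    try:
        return ipaddress.ip_network(text.lstrip("@"), strict=False).version == 6
    except ValueError:
        return False

def ipv6_hosts(sharenfs):
    """Return the IPv6 literals used as host restrictions in a sharenfs value."""
    found = []
    for opt in sharenfs.split(","):
        m = ACCESS_OPT.match(opt.strip())
        if not m:
            continue
        hosts = m.group(2)
        bracketed = [h for h in BRACKETED.findall(hosts) if _is_ipv6(h)]
        if bracketed:
            found.extend(bracketed)
        elif _is_ipv6(hosts):  # single unbracketed literal
            found.append(hosts.lstrip("@"))
    return found

def audit(zfs_get_output):
    """Map dataset name -> IPv6 restrictions to re-verify after upgrading."""
    report = {}
    for line in zfs_get_output.splitlines():
        name, _, value = line.partition("\t")
        if hits := ipv6_hosts(value):
            report[name] = hits
    return report

if __name__ == "__main__":
    for dataset, hosts in audit(SAMPLE).items():
        print(f"{dataset}: re-verify IPv6 restrictions {hosts}")
```

On a live host, pass the real output of `zfs get -H -o name,value sharenfs` to `audit()` in place of `SAMPLE`.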

For the detailed security status of zfs-linux please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/source-package/zfs-linux

Further information about Debian LTS security advisories, how to apply



Severity: critical

Package: zfs-linux
Version: 2.0.3-9+deb11u2
CVE ID: CVE-2013-20001 CVE-2023-49298
Debian Bug: 1056752 1059322
