Follow
There's this bug in OpenZFS sharenfs implementation which allows >everyone< to mount your share when you export it to IPv6 addresses.
The issue has been open for more than 7 years now.
Please check your OpenZFS NFS exports.
https://github.com/openzfs/zfs/issues/1894#issuecomment-30693652
@vidister how is this... 🤦♂️ There should be a CVE for this
@schnittchen I have requested a CVE number.
@vidister thanks, hope that helps
@vidister there is a "duplicate" issue from 2011 https://github.com/openzfs/zfs/issues/380
@vidister to be clear - this is only when you use sharenfs and not when you use /etc/exports?
@steph Yes, and only on Linux.
@vidister ahh, saved on both counts
MITRE assigned CVE-2013-20001 to this.
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-20001