Vulnerability Description
An issue was discovered in OpenZFS through 2.0.3. When an NFS share is exported to IPv6 addresses via the sharenfs feature, there is a silent failure to parse the IPv6 address data, and access is allowed to everyone. IPv6 restrictions from the configuration are not applied.
CVSS Score
7.5 (HIGH)
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| OpenZFS | OpenZFS | <= 2.0.3 |
References
- https://github.com/openzfs/zfs/issues/1894#issuecomment-30693652 (Exploit, Third Party Advisory)
- https://github.com/openzfs/zfs/releases (Release Notes, Third Party Advisory)
- https://lists.debian.org/debian-lts-announce/2024/03/msg00019.html
- https://lists.debian.org/debian-lts-announce/2025/04/msg00009.html
FAQ
What is CVE-2013-20001?
CVE-2013-20001 is a vulnerability with a CVSS score of 7.5 (HIGH). An issue was discovered in OpenZFS through 2.0.3. When an NFS share is exported to IPv6 addresses via the sharenfs feature, there is a silent failure to parse the IPv6 address data, and access is allo...
How severe is CVE-2013-20001?
CVE-2013-20001 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for a detailed severity breakdown.
Is there a patch for CVE-2013-20001?
Check the references section above for vendor advisories and patch information. Affected products include: OpenZFS OpenZFS.