{"timestamp":"2025-03-25T13:47:13.758738Z","id":"CVE-2023-0751","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}

[{"vendor":"FreeBSD","product":"FreeBSD","defaultStatus":"unaffected","modules":["geli"],"versions":[{"version":"13.1-RELEASE","lessThan":"13.1-RELEASE-p6","versionType":"release","status":"affected"},{"version":"12.4-RELEASE","lessThan":"12.4-RELEASE-p1","versionType":"release","status":"affected"},{"version":"12.3-RELEASE","lessThan":"12.3-RELEASE-p11","versionType":"release","status":"affected"}]}]

AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

https://security.FreeBSD.org/advisories/FreeBSD-SA-23:01.geli.asc

https://security.netapp.com/advisory/ntap-20230316-0004/

When GELI reads a key file from standard input, it does not reuse the key file to initialize multiple providers at once resulting in the second and subsequent devices silently using a NULL key as the user key file. If a user only uses a key file without a user passphrase, the master key is encrypted with an empty key file allowing trivial recovery of the master key.

When GELI reads a key file from standard input, it does not reuse the key file to initialize multiple providers at once resulting in the second and subsequent devices silently using a NULL key as the user key file. If a user only uses a key file without a user passphrase, the master key is encrypted with an empty key file allowing trivial recovery of the master key.

NIST AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

NIST NVD-CWE-noinfo

OR
     *cpe:2.3:o:freebsd:freebsd:12.3:-:*:*:*:*:*:*
     *cpe:2.3:o:freebsd:freebsd:12.3:p1:*:*:*:*:*:*
     *cpe:2.3:o:freebsd:freebsd:12.3:p2:*:*:*:*:*:*
     *cpe:2.3:o:freebsd:freebsd:12.3:p3:*:*:*:*:*:*
     *cpe:2.3:o:freebsd:freebsd:12.3:p4:*:*:*:*:*:*
     *cpe:2.3:o:freebsd:freebsd:12.3:p5:*:*:*:*:*:*
     *cpe:2.3:o:freebsd:freebsd:12.4:-:*:*:*:*:*:*
     *cpe:2.3:o:freebsd:freebsd:12.4:rc2-p1:*:*:*:*:*:*
     *cpe:2.3:o:freebsd:freebsd:12.4:rc2-p2:*:*:*:*:*:*
     *cpe:2.3:o:freebsd:freebsd:13.1:-:*:*:*:*:*:*
     *cpe:2.3:o:freebsd:freebsd:13.1:b1-p1:*:*:*:*:*:*
     *cpe:2.3:o:freebsd:freebsd:13.1:b2-p2:*:*:*:*:*:*
     *cpe:2.3:o:freebsd:freebsd:13.1:p1:*:*:*:*:*:*
     *cpe:2.3:o:freebsd:freebsd:13.1:p2:*:*:*:*:*:*
     *cpe:2.3:o:freebsd:freebsd:13.1:p3:*:*:*:*:*:*
     *cpe:2.3:o:freebsd:freebsd:13.1:p4:*:*:*:*:*:*
     *cpe:2.3:o:freebsd:freebsd:13.1:p5:*:*:*:*:*:*
     *cpe:2.3:o:freebsd:freebsd:13.1:rc1-p1:*:*:*:*:*:*

https://security.FreeBSD.org/advisories/FreeBSD-SA-23:01.geli.asc No Types Assigned

https://security.FreeBSD.org/advisories/FreeBSD-SA-23:01.geli.asc Mitigation, Patch, Vendor Advisory