setsockopt(2) IPv6 sockets input validation error

2004-03-29T00:00:00
ID 2C6ACEFD-8194-11D8-9645-0020ED76EF5A
Type freebsd
Reporter FreeBSD
Modified 2004-05-05T00:00:00

Description

From the FreeBSD Security Advisory:

A programming error in the handling of some IPv6 socket options within the setsockopt(2) system call may result in memory locations being accessed without proper validation. It may be possible for a local attacker to read portions of kernel memory, resulting in disclosure of sensitive information. A local attacker can cause a system panic.