NetBSD procfs Negative uio_offset Unspecified Issue

2005-10-31T00:00:00
ID OSVDB:20730
Type osvdb
Reporter OSVDB
Modified 2005-10-31T00:00:00

Description

Vulnerability Description

NetBSD contains a flaw related to the process file system (procfs) that may allow a malicious user to cause a negative uio_offset. No further details have been provided.

Technical Description

While specific details regarding this vulnerability were not provided by the vendor, a negative offset should not be permitted when using the process file system (procfs).

If a malicious user causes a negative offset when reading from a procfs file, a system crash and/or kernel memory disclosure will result. Such memory might contain sensitive information, such as portions of the file cache or terminal buffers. This information might be directly useful, or it might be leveraged to obtain elevated privileges in some way. For example, a terminal buffer might include a user-entered password.

Solution Description

Upgrade to version 2.0.3 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.

Short Description

NetBSD contains a flaw related to the process file system (procfs) that may allow a malicious user to cause a negative uio_offset. No further details have been provided.

References:

Vendor URL: http://www.netbsd.org/ Vendor Specific Advisory URL Security Tracker: 1015132 Related OSVDB ID: 20725 Related OSVDB ID: 20728 Related OSVDB ID: 20731 Related OSVDB ID: 20726 Related OSVDB ID: 20727 Related OSVDB ID: 20729 Other Advisory URL: http://www.uniras.gov.uk/niscc/docs/br-20051101-00969.html?lang=en