FreeBSD procfs / linprocfs Local Overflow Kernel Memory Disclosure

2003-10-03T00:00:00
ID OSVDB:2649
Type osvdb
Reporter Joost Pol(joost@pine.nl)
Modified 2003-10-03T00:00:00

Description

Vulnerability Description

FreeBSD contains a flaw that may lead to an unauthorized information disclosure. The issue is triggered when a malicious user overflows a buffer of the "uio" offset parameter in the process file system (procfs) and Linux process file system (linprocfs), which will disclose the kernel memory resulting in a loss of confidentiality.

Solution Description

Upgrade to version 4-STABLE, or to the RELENG_5_1, RELENG_4_8, or RELENG_4_7 security branch or higher, as it has been reported to fix this vulnerability. Also, FreeBSD has released a patch.

Short Description

FreeBSD contains a flaw that may lead to an unauthorized information disclosure. The issue is triggered when a malicious user overflows a buffer of the "uio" offset parameter in the process file system (procfs) and Linux process file system (linprocfs), which will disclose the kernel memory resulting in a loss of confidentiality.

References:

Vendor URL: http://www.freebsd.org Vendor Specific Advisory URL Security Tracker: 1007875 Secunia Advisory ID:9927 Related OSVDB ID: 5987 Other Advisory URL: http://www.pine.nl/press/pine-cert-20030902.txt ISS X-Force ID: 13343 Bugtraq ID: 8748