2 matches found
CVE-2017-15037
In FreeBSD through 11.1, the smbstrdupin function in sys/netsmb/smbsubr.c has a race condition with a resultant out-of-bounds read, because it can cause t2p-tname strings to lack a final '\0' character...
CVE-2017-15037
In FreeBSD up to version 11.1, the race condition in smb_strdupin (sys/netsmb/smb_subr.c) can cause t2p->t_name strings to miss a terminating '\0', leading to an out-of-bounds read. This is a concrete technical detail from the CVE entry and connected records describe the vulnerable function an...