VULHUB ™

The BSD kernel has been reported prone to an integer overflow vulnerability. The issue presents itself in the procfs handling procedures, and has been reported to be due to a lack of sufficient sanity checks performed on 'uio' offset parameters. This issue is reported to affect OpenBSD and FreeBSD. It is currently not know whether NetBSD or Darwin are affected by this issue. A local attacker may exploit this issue on systems that have procfs enabled, to trigger a kernel panic or disclose potentially sensitive data stored in regions of memory that would otherwise be restricted.

The BSD kernel has been reported prone to an integer overflow vulnerability. The issue presents itself in the procfs handling procedures, and has been reported to be due to a lack of sufficient sanity checks performed on 'uio' offset parameters. This issue is reported to affect OpenBSD and FreeBSD. It is currently not know whether NetBSD or Darwin are affected by this issue. A local attacker may exploit this issue on systems that have procfs enabled, to trigger a kernel panic or disclose potentially sensitive data stored in regions of memory that would otherwise be restricted.