CVE-2016-1887
N/A
N/A
Summary
Integer signedness error in the sockargs function in sys/kern/uipc_syscalls.c in FreeBSD 10.1 before p34, 10.2 before p17, and 10.3 before p3 allows local users to cause a denial of service (memory overwrite and kernel panic) or gain privileges via a negative buflen argument, which triggers a heap-based buffer overflow.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| n/a | n/a | n/a | affected |
Weaknesses
- n/a
ADP Enrichment
CVE Program Container
Additional References
- http://cturt.github.io/sendmsg.html
- https://security.FreeBSD.org/advisories/FreeBSD-SA-16:19.sendmsg.asc
- http://www.securitytracker.com/id/1035906
References
- http://cturt.github.io/sendmsg.html
- https://security.FreeBSD.org/advisories/FreeBSD-SA-16:19.sendmsg.asc
- http://www.securitytracker.com/id/1035906
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.