The cmdline pseudofiles in (1) procfs on FreeBSD 4.8 through 5.3, and (2) linprocfs on FreeBSD 5.x through 5.3, do not properly validate a process argument vector, which allows local users to cause a denial of service (panic) or read portions of kernel memory. NOTE: this candidate might be SPLIT into 2 separate items in the future.
2005-01-10T05:00:00.000
2025-04-03T01:03:51.193
Deferred
CVSSv2: 3.6 (LOW)
AV:L/AC:L/Au:N/C:P/I:N/A:P
3.9
4.9
| Type | Vendor | Product | Version/Range | Vulnerable? |
|---|---|---|---|---|
| Operating System | freebsd | freebsd | 4.0 | Yes |
| Operating System | freebsd | freebsd | 4.1 | Yes |
| Operating System | freebsd | freebsd | 4.1.1 | Yes |
| Operating System | freebsd | freebsd | 4.2 | Yes |
| Operating System | freebsd | freebsd | 4.3 | Yes |
| Operating System | freebsd | freebsd | 4.4 | Yes |
| Operating System | freebsd | freebsd | 4.5 | Yes |
| Operating System | freebsd | freebsd | 4.6 | Yes |
| Operating System | freebsd | freebsd | 4.7 | Yes |
| Operating System | freebsd | freebsd | 4.8 | Yes |
| Operating System | freebsd | freebsd | 4.8 | Yes |
| Operating System | freebsd | freebsd | 4.9 | Yes |
| Operating System | freebsd | freebsd | 4.10 | Yes |
| Operating System | freebsd | freebsd | 4.10 | Yes |
| Operating System | freebsd | freebsd | 4.10 | Yes |
| Operating System | freebsd | freebsd | 5.0 | Yes |
| Operating System | freebsd | freebsd | 5.1 | Yes |
| Operating System | freebsd | freebsd | 5.2 | Yes |
| Operating System | freebsd | freebsd | 5.2.1 | Yes |
| Operating System | freebsd | freebsd | 5.2.1 | Yes |
| Operating System | freebsd | freebsd | 5.3 | Yes |
| Operating System | freebsd | freebsd | 5.3 | Yes |
| Operating System | freebsd | freebsd | 5.3 | Yes |