Description
Multiple integer overflows in (1) procfs_cmdline.c, (2) procfs_fpregs.c, (3) procfs_linux.c, (4) procfs_regs.c, (5) procfs_status.c, and (6) procfs_subr.c in procfs for OpenBSD 3.5 and earlier allow local users to read sensitive kernel memory and possibly perform other unauthorized activities.
References (10)
Core 10
Core References
Third Party Advisory, VDB Entry vdb-entry
x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/16226
Mailing List mailing-list
x_refsource_fulldisc
http://marc.info/?l=full-disclosure&m=108481812926420&w=2
Various Sources vendor-advisory
x_refsource_openbsd
http://www.openbsd.org/errata35.html
Various Sources vendor-advisory
x_refsource_openbsd
http://www.openbsd.org/errata34.html
Patch x_refsource_confirm
ftp://ftp.openbsd.org/pub/OpenBSD/patches/3.5/common/006_procfs.patch
URL Repurposed x_refsource_misc
http://www.deprotect.com/advisories/DEPROTECT-20041305.txt
Third Party Advisory, VDB Entry vdb-entry
x_refsource_osvdb
http://www.osvdb.org/6114
Third Party Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/11605
Mailing List mailing-list
x_refsource_mlist
http://marc.info/?l=openbsd-security-announce&m=108445767103004&w=2
Patch x_refsource_confirm
ftp://ftp.openbsd.org/pub/OpenBSD/patches/3.4/common/020_procfs.patch
Scores
EPSS
0.0009
EPSS Percentile
24.8%
Details
Status
published
Products (2)
openbsd/openbsd
3.4
openbsd/openbsd
3.5
Published
Jul 07, 2004
Tracked Since
Feb 18, 2026