CVE-2004-1066
FreeBSD 4.8-5.3 - Denial of Service or Kernel Memory Read via Invalid Process Argument Vector
Title source: llmDescription
The cmdline pseudofiles in (1) procfs on FreeBSD 4.8 through 5.3, and (2) linprocfs on FreeBSD 5.x through 5.3, do not properly validate a process argument vector, which allows local users to cause a denial of service (panic) or read portions of kernel memory. NOTE: this candidate might be SPLIT into 2 separate items in the future.
References (2)
Core 2
Core References
Third Party Advisory, VDB Entry vdb-entry
x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/18321
Various Sources vendor-advisory
x_refsource_freebsd
ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-04:17.procfs.asc
Scores
EPSS
0.0008
EPSS Percentile
22.5%
Details
Status
published
Products (17)
freebsd/freebsd
4.0
freebsd/freebsd
4.1
freebsd/freebsd
4.1.1
freebsd/freebsd
4.2
freebsd/freebsd
4.3
freebsd/freebsd
4.4
freebsd/freebsd
4.5
freebsd/freebsd
4.6
freebsd/freebsd
4.7
freebsd/freebsd
4.8 (2 CPE variants)
... and 7 more
Published
Jan 10, 2005
Tracked Since
Feb 18, 2026