Description
The sendfile system call in FreeBSD 4.8 through 4.11 and 5 through 5.4 can transfer portions of kernel memory if a file is truncated while it is being sent, which could allow remote attackers to obtain sensitive information.
References (1)
Core 1
Core References
Vendor Advisory vendor-advisory
x_refsource_freebsd
https://www.freebsd.org/security/advisories/FreeBSD-SA-05:02.sendfile.asc
Scores
EPSS
0.0123
EPSS Percentile
79.4%
Details
Status
published
Products (17)
dragonflybsd/dragonflybsd
1.0
dragonflybsd/dragonflybsd
1.1
freebsd/freebsd
4.0 (3 CPE variants)
freebsd/freebsd
4.1
freebsd/freebsd
4.1.1 (3 CPE variants)
freebsd/freebsd
4.2 (2 CPE variants)
freebsd/freebsd
4.3 (5 CPE variants)
freebsd/freebsd
4.4 (4 CPE variants)
freebsd/freebsd
4.5 (5 CPE variants)
freebsd/freebsd
4.6 (5 CPE variants)
... and 7 more
Published
May 02, 2005
Tracked Since
Feb 18, 2026