Description
Integer overflow in the FreeBSD compatibility code (freebsd_misc.c) in NetBSD-current, NetBSD-3, NetBSD-2.0, and NetBSD-2 before 20050913; and NetBSD-1.6 before 20050914; allows local users to cause a denial of service (heap corruption or system crash) and possibly gain root privileges.
References (3)
Core 3
Core References
Patch mailing-list
x_refsource_mlist
http://mail-index.netbsd.org/source-changes/2005/09/13/0024.html
Vendor Advisory vendor-advisory
x_refsource_netbsd
ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2005-008.txt.asc
Patch vdb-entry
x_refsource_osvdb
http://www.osvdb.org/20757
Scores
EPSS
0.0005
EPSS Percentile
15.6%
Details
Status
published
Products (6)
netbsd/netbsd
1.6 (2 CPE variants)
netbsd/netbsd
1.6.1
netbsd/netbsd
1.6.2
netbsd/netbsd
2.0
netbsd/netbsd
2.0.1
netbsd/netbsd
2.0.2
Published
Dec 31, 2005
Tracked Since
Feb 18, 2026