CVE-2010-2693

FreeBSD <8.1-PRERELEASE - DoS

Title source: llm

Description

FreeBSD 7.1 through 8.1-PRERELEASE does not copy the read-only flag when creating a duplicate mbuf buffer reference, which allows local users to cause a denial of service (system file corruption) and gain privileges via the sendfile system call.

Exploits (1)

exploitdb WORKING POC VERIFIED

by kingcope · clocalfreebsd

https://www.exploit-db.com/exploits/14688

View Code ZIP pw:eip

References (5)

[Vendor Advisory] http://secunia.com/advisories/40567

[Patch, Vendor Advisory] http://security.freebsd.org/advisories/FreeBSD-SA-10:07.mbuf.asc

[Patch] http://www.securitytracker.com/id?1024182

[Patch, Vendor Advisory] http://www.vupen.com/english/advisories/2010/1787

[Third Party Advisory, VDB Entry] http://www.securityfocus.com/bid/41577

Scores

EPSS 0.0017

EPSS Percentile 37.8%

Details

CWE

CWE-264

Status published

Products (5)

freebsd/freebsd 7.1 (8 CPE variants)

freebsd/freebsd 7.2 (3 CPE variants)

freebsd/freebsd 7.3

freebsd/freebsd 8.0

freebsd/freebsd 8.1 pre-release

Published Jul 13, 2010

Tracked Since Feb 18, 2026