Description
Multiple integer overflows in the IP_MSFILTER and IPV6_MSFILTER features in (1) sys/netinet/in_mcast.c and (2) sys/netinet6/in6_mcast.c in the multicast implementation in the kernel in FreeBSD 8.3 through 9.2-PRERELEASE allow local users to bypass intended restrictions on kernel-memory read and write operations, and consequently gain privileges, via vectors involving a large number of source-filter entries.
References (2)
Core 2
Core References
Vendor Advisory vendor-advisory
x_refsource_freebsd
http://www.freebsd.org/security/advisories/FreeBSD-SA-13:09.ip_multicast.asc
Patch x_refsource_confirm
http://svnweb.freebsd.org/base?view=revision&revision=254629
Scores
EPSS
0.0005
EPSS Percentile
14.9%
Details
CWE
CWE-189
Status
published
Products (4)
freebsd/freebsd
8.3
freebsd/freebsd
9.0
freebsd/freebsd
9.1 (3 CPE variants)
freebsd/freebsd
9.2 prerelease
Published
Aug 28, 2013
Tracked Since
Feb 18, 2026