CVE-2014-3880
FreeBSD 8.4 < p11, 9.1 < p14, 9.2 < p7, 10.0 < p4 - Denial of Service via Execve System Call
Title source: llmDescription
The (1) execve and (2) fexecve system calls in the FreeBSD kernel 8.4 before p11, 9.1 before p14, 9.2 before p7, and 10.0 before p4 destroys the virtual memory address space and mappings for a process before all threads have terminated, which allows local users to cause a denial of service (triple-fault and system reboot) via a crafted system call, which triggers an invalid page table pointer dereference.
References (3)
Core 3
Core References
Third Party Advisory vendor-advisory
x_refsource_debian
http://www.debian.org/security/2014/dsa-2952
Third Party Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/59034
Vendor Advisory x_refsource_confirm
http://www.freebsd.org/security/advisories/FreeBSD-EN-14%3A06.exec.asc
Scores
EPSS
0.0005
EPSS Percentile
14.9%
Details
CWE
CWE-20
Status
published
Products (4)
freebsd/freebsd
8.4
freebsd/freebsd
9.1
freebsd/freebsd
9.2
freebsd/freebsd
10.0
Published
Jun 10, 2014
Tracked Since
Feb 18, 2026