Vulnerability Details CVE-2004-0435
Certain "programming errors" in the msync system call for FreeBSD 5.2.1 and earlier, and 4.10 and earlier, do not properly handle the MS_INVALIDATE operation, which leads to cache consistency problems that allow a local user to prevent certain changes to files from being committed to disk.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 24.7%
CVSS Severity
CVSS v2 Score 3.6
References
- ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-04:11.msync.asc
- http://secunia.com/advisories/11714
- http://www.securityfocus.com/bid/10416
- https://exchange.xforce.ibmcloud.com/vulnerabilities/16254
- ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-04:11.msync.asc
- http://secunia.com/advisories/11714
- http://www.securityfocus.com/bid/10416
- https://exchange.xforce.ibmcloud.com/vulnerabilities/16254
Products affected by CVE-2004-0435
-
cpe:2.3:o:freebsd:freebsd:4.0
-
cpe:2.3:o:freebsd:freebsd:4.10
-
cpe:2.3:o:freebsd:freebsd:4.8
-
cpe:2.3:o:freebsd:freebsd:4.9
-
cpe:2.3:o:freebsd:freebsd:5.2
-
cpe:2.3:o:freebsd:freebsd:5.2.1