Vulnerability Details CVE-2010-2693
FreeBSD 7.1 through 8.1-PRERELEASE does not copy the read-only flag when creating a duplicate mbuf buffer reference, which allows local users to cause a denial of service (system file corruption) and gain privileges via the sendfile system call.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.002
EPSS Ranking 38.6%
CVSS Severity
CVSS v2 Score 7.2
References
- http://secunia.com/advisories/40567
- http://security.freebsd.org/advisories/FreeBSD-SA-10:07.mbuf.asc
- http://www.securityfocus.com/bid/41577
- http://www.securitytracker.com/id?1024182
- http://www.vupen.com/english/advisories/2010/1787
- http://secunia.com/advisories/40567
- http://security.freebsd.org/advisories/FreeBSD-SA-10:07.mbuf.asc
- http://www.securityfocus.com/bid/41577
- http://www.securitytracker.com/id?1024182
- http://www.vupen.com/english/advisories/2010/1787
Products affected by CVE-2010-2693
-
cpe:2.3:o:freebsd:freebsd:7.1
-
cpe:2.3:o:freebsd:freebsd:7.2
-
cpe:2.3:o:freebsd:freebsd:7.3
-
cpe:2.3:o:freebsd:freebsd:8.0
-
cpe:2.3:o:freebsd:freebsd:8.1