CVSS2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:L/Au:N/C:C/I:C/A:C
AI Score
Confidence
Low
EPSS
Percentile
5.2%
Multiple integer overflows in the IP_MSFILTER and IPV6_MSFILTER features in (1) sys/netinet/in_mcast.c and (2) sys/netinet6/in6_mcast.c in the multicast implementation in the kernel in FreeBSD 8.3 through 9.2-PRERELEASE allow local users to bypass intended restrictions on kernel-memory read and write operations, and consequently gain privileges, via vectors involving a large number of source-filter entries.
Vendor | Product | Version | CPE |
---|---|---|---|
freebsd | freebsd | 8.3 | cpe:2.3:o:freebsd:freebsd:8.3:*:*:*:*:*:*:* |
freebsd | freebsd | 9.0 | cpe:2.3:o:freebsd:freebsd:9.0:*:*:*:*:*:*:* |
freebsd | freebsd | 9.1 | cpe:2.3:o:freebsd:freebsd:9.1:*:*:*:*:*:*:* |
freebsd | freebsd | 9.1 | cpe:2.3:o:freebsd:freebsd:9.1:p4:*:*:*:*:*:* |
freebsd | freebsd | 9.1 | cpe:2.3:o:freebsd:freebsd:9.1:p5:*:*:*:*:*:* |
freebsd | freebsd | 9.2 | cpe:2.3:o:freebsd:freebsd:9.2:prerelease:*:*:*:*:*:* |