In FreeBSD 12.1-STABLE before r362281, 11.4-STABLE before r362281, and 11.4-RELEASE before p1, long values in the user-controlled PATH environment variable cause posix_spawnp to write beyond the end of the heap allocated stack possibly leading to arbitrary code execution.
[
{
"product": "FreeBSD",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "FreeBSD 11.4-RELEASE before p1"
}
]
}
]