First published: Mon Jan 09 2006(Updated: )
The kernfs_xread function in kernfs in NetBSD 1.6 through 2.1, and OpenBSD 3.8, does not properly validate file offsets against negative 32-bit values that occur as a result of truncation, which allows local users to read arbitrary kernel memory and gain privileges via the lseek system call.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
NetBSD NetBSD | =1.6 | |
NetBSD NetBSD | =2.1 | |
NetBSD NetBSD | =2.0.2 | |
NetBSD NetBSD | =1.6.1 | |
NetBSD NetBSD | =2.0.3 | |
NetBSD NetBSD | =1.6.2 | |
NetBSD NetBSD | =1.6-beta | |
NetBSD NetBSD | =2.0.1 | |
NetBSD NetBSD | =2.0 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.