First published: Tue Feb 12 2019(Updated: )
In FreeBSD 11.2-STABLE after r338618 and before r343786, 12.0-STABLE before r343781, and 12.0-RELEASE before 12.0-RELEASE-p3, a bug in the reference count implementation for UNIX domain sockets can cause a file structure to be incorrectly released potentially allowing a malicious local user to gain root privileges or escape from a jail.
Credit: secteam@freebsd.org secteam@freebsd.org
Affected Software | Affected Version | How to fix |
---|---|---|
FreeBSD FreeBSD | =11.2 | |
FreeBSD FreeBSD | =12.0 | |
=11.2 | ||
=12.0 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.