CVE-2014-3711
Severity CVSS v4.0:
Pending analysis
Type:
CWE-399
Resource Management Errors
Publication date:
27/10/2014
Last modified:
12/04/2025
Description
namei in FreeBSD 9.1 through 10.1-RC2 allows remote attackers to cause a denial of service (memory exhaustion) via vectors that trigger a sandboxed process to look up a large number of nonexistent path names.
Impact
Base Score 2.0
5.00
Severity 2.0
MEDIUM
Vulnerable products and versions
| CPE | From | Up to |
|---|---|---|
| cpe:2.3:o:freebsd:freebsd:9.1:*:*:*:*:*:*:* | ||
| cpe:2.3:o:freebsd:freebsd:9.1:p4:*:*:*:*:*:* | ||
| cpe:2.3:o:freebsd:freebsd:9.1:p5:*:*:*:*:*:* | ||
| cpe:2.3:o:freebsd:freebsd:9.2:-:*:*:*:*:*:* | ||
| cpe:2.3:o:freebsd:freebsd:9.2:prerelease:*:*:*:*:*:* | ||
| cpe:2.3:o:freebsd:freebsd:9.2:rc1:*:*:*:*:*:* | ||
| cpe:2.3:o:freebsd:freebsd:9.2:rc2:*:*:*:*:*:* | ||
| cpe:2.3:o:freebsd:freebsd:9.3:*:*:*:*:*:*:* | ||
| cpe:2.3:o:freebsd:freebsd:9.3:rc1:*:*:*:*:*:* | ||
| cpe:2.3:o:freebsd:freebsd:9.3:rc2:*:*:*:*:*:* | ||
| cpe:2.3:o:freebsd:freebsd:10.0:*:*:*:*:*:*:* | ||
| cpe:2.3:o:freebsd:freebsd:10.0:rc1:*:*:*:*:*:* | ||
| cpe:2.3:o:freebsd:freebsd:10.0:rc2:*:*:*:*:*:* | ||
| cpe:2.3:o:freebsd:freebsd:10.1:*:*:*:*:*:*:* | ||
| cpe:2.3:o:freebsd:freebsd:10.1:rc1:*:*:*:*:*:* |
To consult the complete list of CPE names with products and versions, see this page
References to Advisories, Solutions, and Tools
- http://secunia.com/advisories/62218
- http://www.debian.org/security/2014/dsa-3070
- http://www.securitytracker.com/id/1031100
- https://www.freebsd.org/security/advisories/FreeBSD-SA-14:22.namei.asc
- http://secunia.com/advisories/62218
- http://www.debian.org/security/2014/dsa-3070
- http://www.securitytracker.com/id/1031100
- https://www.freebsd.org/security/advisories/FreeBSD-SA-14:22.namei.asc