CVE-2008-3890
Severity CVSS v4.0:
Pending analysis
Type:
CWE-264
Permissions, Privileges, and Access Control
Publication date:
05/09/2008
Last modified:
09/04/2025
Description
The kernel in FreeBSD 6.3 through 7.0 on amd64 platforms can make an extra swapgs call after a General Protection Fault (GPF), which allows local users to gain privileges by triggering a GPF during the kernel's return from (1) an interrupt, (2) a trap, or (3) a system call.
Impact
Base Score 2.0
7.20
Severity 2.0
HIGH
Vulnerable products and versions
| CPE | From | Up to |
|---|---|---|
| cpe:2.3:o:freebsd:freebsd:6.3:*:*:*:*:*:*:* | ||
| cpe:2.3:o:freebsd:freebsd:7.0:*:*:*:*:*:*:* | ||
| cpe:2.3:h:amd:amd64:*:*:*:*:*:*:*:* |
To consult the complete list of CPE names with products and versions, see this page
References to Advisories, Solutions, and Tools
- http://secunia.com/advisories/31743
- http://security.freebsd.org/advisories/FreeBSD-SA-08:07.amd64.asc
- http://www.securityfocus.com/bid/31003
- http://www.securitytracker.com/id?1020815=
- https://exchange.xforce.ibmcloud.com/vulnerabilities/44905
- http://secunia.com/advisories/31743
- http://security.freebsd.org/advisories/FreeBSD-SA-08:07.amd64.asc
- http://www.securityfocus.com/bid/31003
- http://www.securitytracker.com/id?1020815=
- https://exchange.xforce.ibmcloud.com/vulnerabilities/44905