CVE-2010-2693
Severity CVSS v4.0:
Pending analysis
Type:
CWE-264
Permissions, Privileges, and Access Control
Publication date:
13/07/2010
Last modified:
11/04/2025
Description
FreeBSD 7.1 through 8.1-PRERELEASE does not copy the read-only flag when creating a duplicate mbuf buffer reference, which allows local users to cause a denial of service (system file corruption) and gain privileges via the sendfile system call.
Impact
Base Score 2.0
7.20
Severity 2.0
HIGH
Vulnerable products and versions
| CPE | From | Up to |
|---|---|---|
| cpe:2.3:o:freebsd:freebsd:7.1:*:*:*:*:*:*:* | ||
| cpe:2.3:o:freebsd:freebsd:7.1:pre-release:*:*:*:*:*:* | ||
| cpe:2.3:o:freebsd:freebsd:7.1:rc1:*:*:*:*:*:* | ||
| cpe:2.3:o:freebsd:freebsd:7.1:release-p1:*:*:*:*:*:* | ||
| cpe:2.3:o:freebsd:freebsd:7.1:release-p2:*:*:*:*:*:* | ||
| cpe:2.3:o:freebsd:freebsd:7.1:release-p4:*:*:*:*:*:* | ||
| cpe:2.3:o:freebsd:freebsd:7.1:release-p5:*:*:*:*:*:* | ||
| cpe:2.3:o:freebsd:freebsd:7.1:release-p6:*:*:*:*:*:* | ||
| cpe:2.3:o:freebsd:freebsd:7.2:*:*:*:*:*:*:* | ||
| cpe:2.3:o:freebsd:freebsd:7.2:pre-release:*:*:*:*:*:* | ||
| cpe:2.3:o:freebsd:freebsd:7.2:stable:*:*:*:*:*:* | ||
| cpe:2.3:o:freebsd:freebsd:7.3:*:*:*:*:*:*:* | ||
| cpe:2.3:o:freebsd:freebsd:8.0:*:*:*:*:*:*:* | ||
| cpe:2.3:o:freebsd:freebsd:8.1:pre-release:*:*:*:*:*:* |
To consult the complete list of CPE names with products and versions, see this page
References to Advisories, Solutions, and Tools
- http://secunia.com/advisories/40567
- http://security.freebsd.org/advisories/FreeBSD-SA-10:07.mbuf.asc
- http://www.securityfocus.com/bid/41577
- http://www.securitytracker.com/id?1024182=
- http://www.vupen.com/english/advisories/2010/1787
- http://secunia.com/advisories/40567
- http://security.freebsd.org/advisories/FreeBSD-SA-10:07.mbuf.asc
- http://www.securityfocus.com/bid/41577
- http://www.securitytracker.com/id?1024182=
- http://www.vupen.com/english/advisories/2010/1787