• News
• Infocus
• Foundations
• Microsoft
• Unix
• IDS
• Incidents
• Virus
• Pen-Test
• Firewalls
• Columnists
• Mailing Lists
• Newsletters
• Bugtraq
• Focus on IDS
• Focus on Linux
• Focus on Microsoft
• Forensics
• Pen-test
• Security Basics
• Vuln Dev
• Vulnerabilities
• Jobs
• Job Opportunities
• Resumes
• Job Seekers
• Employers
• Tools
• RSS
• News
• Vulns
• Security Research

• info
• discussion
• exploit
• solution
• references

BSD Kernel ProcFS Handler UIO_Offset Integer Overflow Vulnerability

The BSD kernel has been reported prone to an integer overflow vulnerability. The issue presents itself in the procfs handling procedures, and has been reported to be due to a lack of sufficient sanity checks performed on 'uio' offset parameters.

This issue is reported to affect OpenBSD and FreeBSD. It is currently not know whether NetBSD or Darwin are affected by this issue.

A local attacker may exploit this issue on systems that have procfs enabled, to trigger a kernel panic or disclose potentially sensitive data stored in regions of memory that would otherwise be restricted.