FreeBSD Kernel Readv() Integer Overflow Vulnerability

FreeBSD Kernel Readv() Integer Overflow Vulnerability

It has been discovered that the readv() system call defined in the FreeBSD kernel code, fails to sufficiently decrement a file reference counter. As a result, under some circumstances it may be possible to overflow the file reference counter. This vulnerability could ultimately be leveraged to trigger a denial of service or to potentially leverage local privileges.