OpenBSD Semget() Integer Overflow Vulnerability

A vulnerability has been discovered in the OpenBSD semget() system call. The problem occurs due to insufficient sanity checks before allocating memory using the user-supplied nsems value as an argument. As a result, an attacker may be capable of modifying the running kernel.

This vulnerability was introduced in OpenBSD 3.3 and as such, no other versions are affected.


 

Privacy Statement
Copyright 2010, SecurityFocus