Описание
In FreeBSD before 11.2-RELEASE, an application which calls setrlimit() to increase RLIMIT_STACK may turn a read-only memory region below the stack into a read-write region. A specially crafted executable could be exploited to execute arbitrary code in the user context.
Ссылки
- Third Party AdvisoryVDB Entry
- ExploitTechnical DescriptionThird Party Advisory
- Third Party AdvisoryVDB Entry
- ExploitTechnical DescriptionThird Party Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 11.2 (исключая)
cpe:2.3:o:freebsd:freebsd:*:*:*:*:*:*:*:*
EPSS
Процентиль: 70%
0.0062
Низкий
7.8 High
CVSS3
7.2 High
CVSS2
Дефекты
CWE-119
Связанные уязвимости
CVSS3: 7.8
debian
больше 7 лет назад
In FreeBSD before 11.2-RELEASE, an application which calls setrlimit() ...
CVSS3: 7.8
github
больше 3 лет назад
In FreeBSD before 11.2-RELEASE, an application which calls setrlimit() to increase RLIMIT_STACK may turn a read-only memory region below the stack into a read-write region. A specially crafted executable could be exploited to execute arbitrary code in the user context.
EPSS
Процентиль: 70%
0.0062
Низкий
7.8 High
CVSS3
7.2 High
CVSS2
Дефекты
CWE-119