CVE-2011-4062

Name: CVE-2011-4062
Description: Buffer overflow in the kernel in FreeBSD 7.3 through 9.0-RC1 allows local users to cause a denial of service (panic) or possibly gain privileges via a bind system call with a long pathname for a UNIX socket.
Source: CVE (at NVD; CERT, LWN, oss-sec, fulldisc, bugtraq, EDB, Metasploit, Red Hat, Ubuntu, Gentoo, SuSE, Mageia, GitHub code/issues, web search, more)
References: DSA-2325-1
NVD severity: high (attack range: local)
Debian Bugs: 645377

Vulnerable and fixed packages

The table below lists information on source packages.

| Source Package | Release | Version | Status |
|---|---|---|---|
| kfreebsd-10 (PTS) | jessie | 10.1~svn274115-4 | fixed |
| kfreebsd-10 (PTS) | sid, stretch | 10.3~svn300087-3 | fixed |
| kfreebsd-8 (PTS) | wheezy | 8.3-6+deb7u1 | fixed |
| kfreebsd-9 (PTS) | wheezy, wheezy (security) | 9.0-10+deb70.10 | fixed |

The information below is based on the following data on fixed versions.

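| Package | Type | Release | Fixed Version | Urgency | Origin | Debian Bugs |
|---|---|---|---|---|---|---|
| kfreebsd-10 | source | (unstable) | 10.0~svn226224-1 | high | | |
| kfreebsd-7 | source | (unstable) | (unfixed) | high | | |
| kfreebsd-8 | source | (unstable) | 8.2-11 | high | | 645377 |
| kfreebsd-8 | source | squeeze | 8.1+dfsg-8+squeeze2 | high | DSA-2325-1 | |
| kfreebsd-9 | source | (unstable) | 9.0~svn225873-1 | high | | |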
