CVE Vulnerabilities

CVE-2013-3077

Published: Aug 28, 2013 | Modified: Mar 18, 2019
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
7.2 HIGH
AV:L/AC:L/Au:N/C:C/I:C/A:C
RedHat/V2
RedHat/V3
Ubuntu
HIGH

Multiple integer overflows in the IP_MSFILTER and IPV6_MSFILTER features in (1) sys/netinet/in_mcast.c and (2) sys/netinet6/in6_mcast.c in the multicast implementation in the kernel in FreeBSD 8.3 through 9.2-PRERELEASE allow local users to bypass intended restrictions on kernel-memory read and write operations, and consequently gain privileges, via vectors involving a large number of source-filter entries.

Affected Software

Name Vendor Start Version End Version
Freebsd Freebsd 8.3 (including) 8.3 (including)
Freebsd Freebsd 9.0 (including) 9.0 (including)
Freebsd Freebsd 9.1 (including) 9.1 (including)
Freebsd Freebsd 9.1-p4 (including) 9.1-p4 (including)
Freebsd Freebsd 9.1-p5 (including) 9.1-p5 (including)
Freebsd Freebsd 9.2-prerelease (including) 9.2-prerelease (including)
Kfreebsd-8 Ubuntu lucid *
Kfreebsd-8 Ubuntu upstream *

References