CerbNG for FreeBSD 4.8 does not properly implement VM protection when attempting to prevent system call wrapper races, which allows local users to have an unknown impact related to an "incorrect write protection of pages".
Max CVSS
6.2
EPSS Score
0.04%
Published
2007-08-13
Updated
2008-09-05
Multiple race conditions in (1) certain rules and (2) argument copying during VM protection, in CerbNG for FreeBSD 4.8 allow local users to defeat system call interposition and possibly gain privileges or bypass auditing, as demonstrated by modifying command lines in log-exec.cb.
Max CVSS
6.2
EPSS Score
0.04%
Published
2007-08-13
Updated
2008-09-05
2 vulnerabilities found