Friday, November 03, 2006

MOKB-03-11-2006: FreeBSD 6.1 UFS filesystem ffs_mountfs() integer overflow

The UFS filesystem handling code of the FreeBSD 6.1 kernel fails to properly handle corrupted data structures, leading to exploitable memory corruption (DoS) issues and possible arbitrary code execution. This particular vulnerability is caused by an integer overflow at ffs_mountfs() function.

More details: