Wednesday, November 08, 2006

MOKB-08-11-2006: FreeBSD 6.1 UFS filesystem ffs_rdextattr() integer overflow

The UFS filesystem handling code of the FreeBSD 6.1 kernel fails to properly handle corrupted data structures, leading to exploitable memory corruption (DoS) issues and possible arbitrary code execution. This particular vulnerability is caused by an integer overflow, similar to MOKB-03-11-2006.