CVE-2005-2019 : ipfw in FreeBSD 5.4, when running on Symmetric Multi-Processor (SMP) or Uni Proc

ipfw in FreeBSD 5.4, when running on Symmetric Multi-Processor (SMP) or Uni Processor (UP) systems with the PREEMPTION kernel option enabled, does not sufficiently lock certain resources while performing table lookups, which can cause the cache results to be corrupted during multiple concurrent lookups, allowing remote attackers to bypass intended access restrictions.

Published 2005-07-05 04:00:00

Updated 2025-04-03 01:03:51

Source FreeBSD

View at NVD, CVE.org

Products affected by CVE-2005-2019

Freebsd » Freebsd » Version: 5.4
cpe:2.3:o:freebsd:freebsd:5.4:*:*:*:*:*:*:*
Matching versions

Exploit prediction scoring system (EPSS) score for CVE-2005-2019

EPSS FAQ

0.22%

Probability of exploitation activity in the next 30 days EPSS Score History

~ 42 %

Percentile, the proportion of vulnerabilities that are scored at or less

CVSS scores for CVE-2005-2019

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source	First Seen
5.0	MEDIUM	AV:N/AC:L/Au:N/C:N/I:P/A:N	10.0	2.9	NIST
Access Vector: Network Access Complexity: Low Authentication: None Confidentiality Impact: None Integrity Impact: Partial Availability Impact: None

References for CVE-2005-2019

ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-05:13.ipfw.asc

Vendor Advisory

Jump to

Vulnerability Details : CVE-2005-2019

Products affected by CVE-2005-2019

Exploit prediction scoring system (EPSS) score for CVE-2005-2019

CVSS scores for CVE-2005-2019

References for CVE-2005-2019