Freebsd : Security Vulnerabilities, CVEs, Published In 2010 CVSS score >= 7
The pfs_getextattr function in FreeBSD 7.x before 7.3-RELEASE and 8.x before 8.0-RC1 unlocks a mutex that was not previously locked, which allows local users to cause a denial of service (kernel panic), overwrite arbitrary memory locations, and possibly execute arbitrary code via vectors related to opening a file on a file system that uses pseudofs.
Max CVSS
7.8
EPSS Score
0.20%
Published
2010-11-22
Updated
2024-02-15
FreeBSD 7.1 through 8.1-PRERELEASE does not copy the read-only flag when creating a duplicate mbuf buffer reference, which allows local users to cause a denial of service (system file corruption) and gain privileges via the sendfile system call.
Max CVSS
7.2
EPSS Score
0.04%
Published
2010-07-13
Updated
2010-07-14
Off-by-one error in the __opiereadrec function in readrec.c in libopie in OPIE 2.4.1-test1 and earlier, as used on FreeBSD 6.4 through 8.1-PRERELEASE and other platforms, allows remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code via a long username, as demonstrated by a long USER command to the FreeBSD 8.0 ftpd.
Max CVSS
9.3
EPSS Score
86.92%
Published
2010-05-28
Updated
2011-07-29
3 vulnerabilities found