N/A

Integer signedness error in the i386_set_ldt call in FreeBSD 5.5, and possibly earlier versions down to 5.2, allows local users to cause a denial of service (crash) via unspecified arguments that use negative signed integers to cause the bzero function to be called with a large length parameter, a different vulnerability than CVE-2006-4172.

N/A

N/A

FreeBSD I386_Set_LDT()多个本地拒绝服务漏洞

FreeBSD就是一种运行在Intel平台上、可以自由使用的开放源码Unix类系统。 FreeBSD中的i386_set_ldt()调用允许用户系统的程序动态管理每个进程的本地描述符表。由于使用了有符号的整数且缺少输入验证，内核中bzero可能会被要求处理很大的参数，漏洞代码如下： 415 int error = 0, i; 416 int largest_ld; .. 449 largest_ld = uap->start + uap->num; 450 if (largest_ld > pldt->l

N/A

N/A