Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Integer overflow in the systrace_preprepl function (STRIOCREPLACE) in systrace in OpenBSD 3.9 and NetBSD 3 allows local users to cause a denial of service (crash), gain privileges, or read arbitrary kernel memory via large numeric arguments to the systrace ioctl.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
OpenBSD systrace 内核组件本地整数溢出漏洞
Vulnerability Description
OpenBSD是一款开放源代码Unix类操作系统,OpenBSD的systrace功能可以允许或拒绝被管理进程所执行的syscall。 systrace的内核组件中存在整数溢出漏洞,攻击者可以通过在systrace ioctl()中指定很大的整数值触发这个漏洞,导致绕过安全检查、向任意内核地址越界写入空字节或读取内核内存块。 漏洞代码在systrace_preprepl函数中: for (i = 0, len = 0; i < repl->strr_nrepl; i++) { len += repl->s
CVSS Information
N/A
Vulnerability Type
N/A