Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Multiple array index errors in the Stream Control Transmission Protocol (SCTP) module in FreeBSD 10.1 before p5, 10.0 before p17, 9.3 before p9, and 8.4 before p23 allow local users to (1) gain privileges via the stream id to the setsockopt function, when setting the SCTIP_SS_VALUE option, or (2) read arbitrary kernel memory via the stream id to the getsockopt function, when getting the SCTP_SS_PRIORITY option.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
FreeBSD Stream Control Transmission Protocol模块授权问题漏洞
Vulnerability Description
FreeBSD是由Core Team团队负责的FreeBSD项目中的一套类Unix自由操作系统,是经过BSD、386BSD和4.4BSD发展而来的类Unix的一个重要分支。Stream Control Transmission Protocol(SCTP,流控制传输协议)是其中的一个用于在两个端点之间提供稳定、有序的数据传递服务并能够保护数据消息边界的传输协议模块。 FreeBSD的SCTP模块中存在数组索引错误漏洞。当程序设置SCTIP_SS_VALUE选项时,本地攻击者可借助setsockopt函数的
CVSS Information
N/A
Vulnerability Type
N/A