Debian Security Advisory
DSA-2325-1 kfreebsd-8 -- privilege escalation/denial of service
- Date Reported:
- 23 Oct 2011
- Affected Packages:
- Security database references:
- In Mitre's CVE dictionary: CVE-2011-4062.
- More information:
Buffer overflow in the
Linux emulationsupport in FreeBSD kernel allows local users to cause a denial of service (panic) and possibly execute arbitrary code by calling the bind system call with a long path for a UNIX-domain socket, which is not properly handled when the address is used by other unspecified system calls.
For the stable distribution (squeeze), this problem has been fixed in version 8.1+dfsg-8+squeeze2.
For the unstable distribution (sid), this problem has been fixed in version 8.2-9.
We recommend that you upgrade your kfreebsd-8 packages.