DSA-2672-1 kfreebsd-9 -- interpretation conflictID: oval:org.secpod.oval:def:601018 | Date: (C)2013-05-23 (M)2022-10-10 |
Class: PATCH | Family: unix |
Adam Nowacki discovered that the new FreeBSD NFS implementation processes a crafted READDIR request which instructs to operate a file system on a file node as if it were a directory node, leading to a kernel crash or potentially arbitrary code execution. The kfreebsd-8 kernel in the oldstable distribution does not enable the new NFS implementation. The Linux kernel is not affected by this vulnerability.