Title: FreeBSD procfs Denial of Service Vulnerability
Severity: MODERATE
Description:
procfs is the Process Filesystem, a file system interface to the process table included with the FreeBSD operating system. A problem exists which could allow a local user to deny service to legitimate users of a FreeBSD server.
The problem occurs in the handling of /proc/<process id>/mem files. It is possible to launch a process which executes an mmap() system call and maps its own memory address space, as defined in /proc/<process id>/mem. When this happens, the kernel enters an infinite loop and hangs, requiring a system reboot at the console. This design problem makes it possible for a local user with malicious intent to crash the system, thus denying service to legitimate users.
Affected Products:
- FreeBSD FreeBSD 3.5.1
- FreeBSD FreeBSD 4.1.0
- FreeBSD FreeBSD 4.1.1
- FreeBSD FreeBSD 4.2.0
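An exposure check for the issue described above, added here as an example and not part of the original advisory: it reports whether a host runs one of the listed releases and has a procfs file system mounted, since the /proc/<process id>/mem files only exist where procfs is mounted. The function names, the `uname -r` release format, the mount(8) line format and the sample mount output are assumptions made for this example.

```shell
#!/bin/sh
# Added example: exposure check for the procfs /proc/<process id>/mem issue.
# Assumptions (not from the advisory): uname -r style release strings such as
# "4.1.1-RELEASE", and mount(8) lines like "procfs on /proc (procfs, local)".

# Releases listed under "Affected Products" on this page.
AFFECTED="3.5.1 4.1.0 4.1.1 4.2.0"

# Normalise "4.2-RELEASE" -> "4.2.0" and "4.1.1-RELEASE" -> "4.1.1".
# The branch suffix is ignored, so the match is on the version number only.
normalize_release() {
    ver=${1%%-*}                       # drop "-RELEASE" and similar suffixes
    case "$ver" in
        *.*.*) ;;                      # already major.minor.patch
        *.*)   ver="$ver.0" ;;         # major.minor: append ".0"
    esac
    printf '%s\n' "$ver"
}

# Succeeds if the release string matches one of the listed versions.
release_affected() {
    ver=$(normalize_release "$1")
    for a in $AFFECTED; do
        [ "$ver" = "$a" ] && return 0
    done
    return 1
}

# Print mount points of type procfs found in mount(8) output on stdin.
procfs_mounts() {
    sed -n 's/^procfs on \([^ ]*\) (procfs.*/\1/p'
}

# Classify a host. $1 = release string, $2 = mount(8) output.
# Prints "EXPOSED <mount point>", "LISTED_NO_PROCFS" or "NOT_LISTED".
assess_host() {
    if ! release_affected "$1"; then
        echo NOT_LISTED; return
    fi
    mp=$(printf '%s\n' "$2" | procfs_mounts)
    if [ -n "$mp" ]; then echo "EXPOSED $mp"; else echo LISTED_NO_PROCFS; fi
}

# Constructed sample input (not captured from a real host).
SAMPLE_MOUNT='/dev/ad0s1a on / (ufs, local)
procfs on /proc (procfs, local)'

# On a live host: assess_host "$(uname -r)" "$(mount)"
assess_host "4.2-RELEASE" "$SAMPLE_MOUNT"
```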