Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!

Bug 263844 (CVE-2009-1041)

Summary: =sys-freebsd/freebsd-sources-7.1: Memory overwrite/Privilege escalation (CVE-2009-1041)
Product: Gentoo Security Reporter: Alex Legler (RETIRED) <a3li>
Component: VulnerabilitiesAssignee: Gentoo Security <security>
Status: RESOLVED FIXED    
Severity: trivial CC: bsd+disabled
Priority: High    
Version: unspecified   
Hardware: All   
OS: Linux   
Whiteboard: ~1 [noglsa]
Package list:
Runtime testing required: ---

Description Alex Legler (RETIRED) archtester gentoo-dev Security 2009-03-26 08:46:05 UTC 
CVE-2009-1041 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1041):
  The ktimer feature (sys/kern/kern_time.c) in FreeBSD 7.0, 7.1, and
  7.2 allows local users to overwrite arbitrary kernel memory via an
  out-of-bounds timer value.
Comment 1 Alexis Ballier gentoo-dev 2009-05-12 09:05:56 UTC 
fixed in fbsd-sources-7.1-r1
Comment 2 Pierre-Yves Rofes (RETIRED) gentoo-dev 2009-05-12 10:11:40 UTC 
thanks, closing.