Vulnerability Description
In FreeBSD 10.x before 10.4-STABLE, 10.4-RELEASE-p3, and 10.3-RELEASE-p24 named paths are globally scoped, meaning a process located in one jail can read and modify the content of POSIX shared memory objects created by a process in another jail or the host system. As a result, a malicious user that has access to a jailed system is able to abuse shared memory by injecting malicious content in the shared memory region. This memory region might be executed by applications trusting the shared memory, like Squid. This issue could lead to a Denial of Service or local privilege escalation.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Freebsd | Freebsd | - |
Related Weaknesses (CWE)
References
- http://www.securityfocus.com/bid/101867Third Party AdvisoryVDB Entry
- http://www.securitytracker.com/id/1039810Third Party AdvisoryVDB Entry
- https://www.freebsd.org/security/advisories/FreeBSD-SA-17:09.shm.ascVendor Advisory
- http://www.securityfocus.com/bid/101867Third Party AdvisoryVDB Entry
- http://www.securitytracker.com/id/1039810Third Party AdvisoryVDB Entry
- https://www.freebsd.org/security/advisories/FreeBSD-SA-17:09.shm.ascVendor Advisory
FAQ
What is CVE-2017-1087?
CVE-2017-1087 is a vulnerability with a CVSS score of 7.8 (HIGH). In FreeBSD 10.x before 10.4-STABLE, 10.4-RELEASE-p3, and 10.3-RELEASE-p24 named paths are globally scoped, meaning a process located in one jail can read and modify the content of POSIX shared memory ...
How severe is CVE-2017-1087?
CVE-2017-1087 has been rated HIGH with a CVSS base score of 7.8/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2017-1087?
Check the references section above for vendor advisories and patch information. Affected products include: Freebsd Freebsd.