Vulnerabilities > CVE-2002-1667 - Denial-Of-Service vulnerability in Freebsd 4.5

CVSS 2.1 - LOW

Attack vector

LOCAL

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

NONE

Availability impact

PARTIAL

local

low complexity

freebsd

NVD

Published: 2002-12-31

Updated: 2017-07-11

Summary

The virtual memory management system in FreeBSD 4.5-RELEASE and earlier does not properly check the existence of a VM object during page invalidation, which allows local users to cause a denial of service (crash) by calling msync on an unaccessed memory map created with MAP_ANON and MAP_NOSYNC flags.

Vulnerable Configurations

Part	Description	Count
OS	Freebsd Freebsd Freebsd 4.5	2

References

ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-02:22.mmap.asc
https://exchange.xforce.ibmcloud.com/vulnerabilities/8921