CVE-2010-2693

FreeBSD 7.1 through 8.1-PRERELEASE does not copy the read-only flag when creating a duplicate mbuf buffer reference, which allows local users to cause a denial of service (system file corruption) and gain privileges via the sendfile system call.

Published: Jul 13, 2010
Updated: Apr 13, 2023
CVE: CVE-2010-2693
Severity: High
Exploit:

CVSS v2:

Severity: High
Score: 7.2
AV:L/AC:L/Au:N/C:C/I:C/A:C

CWEs:

CWE-264

Affected Software
References

Software	From	Fixed in
freebsd / freebsd	7.1-release-p2	7.1-release-p2.x
freebsd / freebsd	7.1-rc1	7.1-rc1.x
freebsd / freebsd	7.1-release-p1	7.1-release-p1.x
freebsd / freebsd	8.0	8.0.x
freebsd / freebsd	7.1-release-p6	7.1-release-p6.x
freebsd / freebsd	7.3	7.3.x
freebsd / freebsd	7.2-pre-release	7.2-pre-release.x
freebsd / freebsd	7.1	7.1.x
freebsd / freebsd	7.2	7.2.x
freebsd / freebsd	7.1-pre-release	7.1-pre-release.x
freebsd / freebsd	7.1-release-p4	7.1-release-p4.x
freebsd / freebsd	8.1-pre-release	8.1-pre-release.x
freebsd / freebsd	7.1-release-p5	7.1-release-p5.x
freebsd / freebsd	7.2-stable	7.2-stable.x

Vulnerability Database

290,301

CVE-2010-2693