CVE-2014-3711 | SynScan

Vulnerability Database

290,273

Total vulnerabilities in the database

CVE-2014-3711

namei in FreeBSD 9.1 through 10.1-RC2 allows remote attackers to cause a denial of service (memory exhaustion) via vectors that trigger a sandboxed process to look up a large number of nonexistent path names.

Published: Oct 27, 2014
Updated: Apr 13, 2023
CVE: CVE-2014-3711
Severity: Medium
Exploit:

CVSS v2:

Severity: Medium
Score: 5
AV:N/AC:L/Au:N/C:N/I:N/A:P

CWEs:

CWE-399

Affected Software
References

Software	From	Fixed in
freebsd / freebsd	10.0	10.0.x
freebsd / freebsd	9.3-rc1	9.3-rc1.x
freebsd / freebsd	10.1-rc2	10.1-rc2.x
freebsd / freebsd	10.0-rc1	10.0-rc1.x
freebsd / freebsd	9.1	9.1.x
freebsd / freebsd	9.2	9.2.x
freebsd / freebsd	9.3	9.3.x
freebsd / freebsd	9.2-rc1	9.2-rc1.x
freebsd / freebsd	9.3-rc2	9.3-rc2.x
freebsd / freebsd	10.1-rc1	10.1-rc1.x
freebsd / freebsd	9.2-prerelease	9.2-prerelease.x
freebsd / freebsd	9.2-rc2	9.2-rc2.x
freebsd / freebsd	10.1	10.1.x
freebsd / freebsd	10.0-rc2	10.0-rc2.x
freebsd / freebsd	9.1-p4	9.1-p4.x
freebsd / freebsd	9.1-p5	9.1-p5.x