Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-3890

Overview

Vulnerability Score 7.2 7.2
CVE Id CVE-2008-3890
Last Modified 10 Sep 2008 09:13:36
Published 05 Sep 2008 12:08:00
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector LOCAL
Access Complexity LOW
Authentication NONE

CVE-2008-3890

Summary

The kernel in FreeBSD 6.3 through 7.0 on amd64 platforms can make an extra swapgs call after a General Protection Fault (GPF), which allows local users to gain privileges by triggering a GPF during the kernel's return from (1) an interrupt, (2) a trap, or (3) a system call.

Vulnerable Systems

Operating System

  • Freebsd 6.3

  • Freebsd 7.0


References

XF - freebsd-fault-privilege-escalation(44905)

SECTRACK - 1020815

BID - 31003

FREEBSD - FreeBSD-SA-08:07

SECUNIA - 31743


Last Updated: 27 May 2016 10:48:20