Published: 12/02/2019 Updated: 30/12/2019
CVSS v2 Base Score: 7.2 | Impact Score: 10 | Exploitability Score: 3.9
CVSS v3 Base Score: 8.8 | Impact Score: 6 | Exploitability Score: 2
VMScore: 641
Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C

Vulnerability Summary

In FreeBSD 11.2-STABLE after r338618 and before r343786, 12.0-STABLE before r343781, and 12.0-RELEASE prior to 12.0-RELEASE-p3, a bug in the reference count implementation for UNIX domain sockets can cause a file structure to be incorrectly released potentially allowing a malicious local user to gain root privileges or escape from a jail.

Vulnerability Trend

Affected Products

Vendor Product Versions
FreebsdFreebsd11.2, 12.0

Mailing Lists

Local root exploit for the FreeBSD fd vulnerability as disclosed in FreeBSD-SA-19:02fd ...
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 ============================================================================= FreeBSD-SA-19:02fd Security Advisory The FreeBSD Project Topic: File description reference count leak Category: ...