FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

FreeBSD -- Out of bound read in elf_note_prpsinfo()

Affected packages
13.1 <= FreeBSD-kernel < 13.1_1
13.0 <= FreeBSD-kernel < 13.0_12
12.3 <= FreeBSD-kernel < 12.3_6

Details

VuXML ID 5028c1ae-1890-11ed-9b22-002590c1f29c
Discovery 2022-08-09
Entry 2022-08-10

Problem Description:

When dumping core and saving process information, proc_getargv() might return an sbuf which have a sbuf_len() of 0 or -1, which is not properly handled.

Impact:

An out-of-bound read can happen when user constructs a specially crafted ps_string, which in turn can cause the kernel to crash.

References

CVE Name CVE-2022-23089
FreeBSD Advisory SA-22:09.elf

Copyright © 2003-2005 Jacques Vidrine and contributors.
Please see the source of this document for full copyright information.