CVE-2008-3531
published 2008-09-05CVE-2008-3531: Stack-based buffer overflow in sys/kern/vfs_mount.c in the kernel in FreeBSD 7.0 and 7.1, when vfs.usermount is enabled, allows local users to gain privileges…
PriorityP429medium6.9CVSS 2.0
AVLACMAuNCCICAC
EXPLOIT
EPSS
1.03%
59.4th percentile
Stack-based buffer overflow in sys/kern/vfs_mount.c in the kernel in FreeBSD 7.0 and 7.1, when vfs.usermount is enabled, allows local users to gain privileges via a crafted (1) mount or (2) nmount system call, related to copying of "user defined data" in "certain error conditions."
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| freebsd | freebsd | — | — |
| freebsd | freebsd | — | — |
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
BSD
FreeBSD-SA-08:08.nmount: nmount(2) local arbitrary code execution
bsd_advisories·2008-09-03·CVSS 6.9
CVE-2008-3531 [MEDIUM] FreeBSD-SA-08:08.nmount: nmount(2) local arbitrary code execution
FreeBSD-SA-08:08.nmount Security Advisory
The FreeBSD Project
Topic: nmount(2) local arbitrary code execution
Category: core
Module: sys_kern
Announced: 2008-09-03
Credits: James Gritton
Affects: FreeBSD 7.0-RELEASE, FreeBSD 7.0-STABLE
Corrected: 2008-09-03 19:09:47 UTC (RELENG_7, 7.1-PRERELEASE)
2008-09-03 19:09:47 UTC (RELENG_7_0, 7.0-RELEASE-p4)
CVE Name: CVE-2008-3531
For general information regarding FreeBSD Security Advisories,
including descriptions of the fields above, security branches, and the
following sections, please visit .
I. Background
The mount(2) and nmount(2) system calls are used by various utilities
in the base system to graft a file system object on to the file system
tree to a given mount point. It is possible to allow unprivileged
users to utililize these syste
GHSA
GHSA-7x52-8p86-5px9: Stack-based buffer overflow in sys/kern/vfs_mount
ghsa_unreviewed·2022-05-02
CVE-2008-3531 [MEDIUM] CWE-119 GHSA-7x52-8p86-5px9: Stack-based buffer overflow in sys/kern/vfs_mount
Stack-based buffer overflow in sys/kern/vfs_mount.c in the kernel in FreeBSD 7.0 and 7.1, when vfs.usermount is enabled, allows local users to gain privileges via a crafted (1) mount or (2) nmount system call, related to copying of "user defined data" in "certain error conditions."
No detection rules found.
http://security.FreeBSD.org/advisories/FreeBSD-SA-08:08.nmount.aschttp://www.securityfocus.com/bid/31002http://www.securitytracker.com/id?1020816https://exchange.xforce.ibmcloud.com/vulnerabilities/45143http://security.FreeBSD.org/advisories/FreeBSD-SA-08:08.nmount.aschttp://www.securityfocus.com/bid/31002http://www.securitytracker.com/id?1020816https://exchange.xforce.ibmcloud.com/vulnerabilities/45143
2008-09-05
Published