Bug#712664: kfreebsd-9: CVE-2013-2171: Privilege escalation via mmap

To: submit@bugs.debian.org
Subject: Bug#712664: kfreebsd-9: CVE-2013-2171: Privilege escalation via mmap
From: Steven Chamberlain <steven@pyro.eu.org>
Date: Tue, 18 Jun 2013 13:32:44 +0100
Message-id: <[🔎] 51C0536C.7090802@pyro.eu.org>
Reply-to: Steven Chamberlain <steven@pyro.eu.org>, 712664@bugs.debian.org

Source: kfreebsd-9
Version: 9.0-11
Severity: grave
Tags: security upstream
Control: found -1 kfreebsd-9/9.0~svn223109-0.1

Privilege escalation via mmap:
http://security.freebsd.org/advisories/FreeBSD-SA-13:06.mmap.asc

This was introduced by r199819 when FreeBSD 9 was the SVN head.  As such
it affects 9.0 as well as 10.0 snapshots before today; I'm preparing a
backport from 9-STABLE.

-- System Information:
Debian Release: wheezy/sid
  APT prefers testing
  APT policy: (500, 'testing'), (1, 'experimental')
Architecture: kfreebsd-amd64 (x86_64)

Kernel: kFreeBSD 9.0-2-amd64
Locale: LANG=en_GB.UTF-8, LC_CTYPE=en_GB.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash

Versions of packages kfreebsd-image-9.0-2-amd64 depends on:
ii  devd           9.0+ds1-9
ii  freebsd-utils  9.0+ds1-9
ii  kbdcontrol     9.0+ds1-9
ii  kldutils       9.0+ds1-9

kfreebsd-image-9.0-2-amd64 recommends no packages.

kfreebsd-image-9.0-2-amd64 suggests no packages.

-- no debconf information

Reply to:

Follow-Ups:
- Processed: kfreebsd-9: CVE-2013-2171: Privilege escalation via mmap
  - From: owner@bugs.debian.org (Debian Bug Tracking System)
- Processed: Re: Bug#712664: kfreebsd-9: CVE-2013-2171: Privilege escalation via mmap
  - From: owner@bugs.debian.org (Debian Bug Tracking System)
- Bug#712664: kfreebsd-9: CVE-2013-2171: Privilege escalation via mmap
  - From: Steven Chamberlain <steven@pyro.eu.org>
- Bug#712664: marked as done (kfreebsd-9: CVE-2013-2171: Privilege escalation via mmap)
  - From: owner@bugs.debian.org (Debian Bug Tracking System)
- Bug#712664: marked as done (kfreebsd-9: CVE-2013-2171: Privilege escalation via mmap)
  - From: owner@bugs.debian.org (Debian Bug Tracking System)

Prev by Date: Processed: kfreebsd-9: CVE-2013-2171: Privilege escalation via mmap
Next by Date: Re: Java defaults for kfreebsd-amd64
Previous by thread: Bug#712633: marked as done (Include freebsd-config into freebsd-buildutils)
Next by thread: Processed: kfreebsd-9: CVE-2013-2171: Privilege escalation via mmap
Index(es):
- Date
- Thread