Cache Corruption Vulnerability in ipfw on FreeBSD 5.4 with SMP/UP and PREEMPTION Kernel Option

Cache Corruption Vulnerability in ipfw on FreeBSD 5.4 with SMP/UP and PREEMPTION Kernel Option

CVE-2005-2019 · MEDIUM Severity

AV:N/AC:L/AU:N/C:N/I:P/A:N

ipfw in FreeBSD 5.4, when running on Symmetric Multi-Processor (SMP) or Uni Processor (UP) systems with the PREEMPTION kernel option enabled, does not sufficiently lock certain resources while performing table lookups, which can cause the cache results to be corrupted during multiple concurrent lookups, allowing remote attackers to bypass intended access restrictions.

Learn more about our Web Application Penetration Testing UK.