Shared Memory Reference Count Vulnerability

Shared Memory Reference Count Vulnerability

CVE-2004-0114 · MEDIUM Severity

AV:L/AC:L/AU:N/C:P/I:P/A:P

The shmat system call in the System V Shared Memory interface for FreeBSD 5.2 and earlier, NetBSD 1.3 and earlier, and OpenBSD 2.6 and earlier, does not properly decrement a shared memory segment's reference count when the vm_map_find function fails, which could allow local users to gain read or write access to a portion of kernel memory and gain privileges.

Learn more about our User Device Pen Test.