CVE-2013-5691

Name of the Vulnerable Software and Affected Versions FreeBSD versions 8.3 through 9.2-STABLE

Description The issue concerns the lack of validation in the IPv6 and ATM ioctl request handlers within the kernel. This allows local users to perform certain link-layer actions, cause a denial of service, or possibly gain privileges by using a crafted application. The handlers do not properly validate SIOCSIFADDR, SIOCSIFBRDADDR, SIOCSIFDSTADDR, and SIOCSIFNETMASK requests.

Recommendations For FreeBSD versions 8.3 through 9.2-STABLE, consider updating to a version that includes the necessary patches to validate ioctl requests. As a temporary workaround, restrict local user privileges to minimize the risk of exploitation.