CVE-2017-1082

Name of the Vulnerable Software and Affected Versions FreeBSD versions prior to 11.1-RELEASE FreeBSD versions prior to 10.4-RELEASE

Description The qsort algorithm in the affected versions has a deterministic recursion pattern. This can be exploited by feeding a pathological input, leading to excessive stack usage and a potential overflow. Applications using qsort for large data sets may crash if the input follows this pathological pattern.

Recommendations For versions prior to 11.1-RELEASE, update to 11.1-RELEASE or later to resolve the issue. For versions prior to 10.4-RELEASE, update to 10.4-RELEASE or later to resolve the issue.