CVE-2010-4210

Name of the Vulnerable Software and Affected Versions FreeBSD versions 7.x before 7.3-RELEASE FreeBSD versions 8.x before 8.0-RC1

Description The issue is related to the pfs getextattr function, which can cause a denial of service, allow overwriting of arbitrary memory locations, and possibly execute arbitrary code. This is due to the function unlocking a mutex that was not previously locked. The issue can be triggered by opening a file on a file system that uses pseudofs.

Recommendations For FreeBSD versions 7.x before 7.3-RELEASE, update to 7.3-RELEASE or later to resolve the issue. For FreeBSD versions 8.x before 8.0-RC1, update to 8.0-RC1 or later to resolve the issue.