PT-2013-3575 · Freebsd · Freebsd

Alan Cox +1 · Published 2013-07-02 · Updated 2019-03-18 · CVE-2013-2171

CVSS v2.0: 6.9 (Medium)

Vector: AV:L/AC:M/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions

FreeBSD versions 9.0 through 9.1-RELEASE-p4

Description

The issue concerns the vm_map_lookup function in the kernel's mmap implementation, which fails to properly determine whether a task should have write access to a memory location. This allows local users to bypass filesystem write permissions and gain privileges by leveraging read permissions through a crafted application that makes mmap and ptrace system calls.

Recommendations

For FreeBSD versions 9.0 through 9.1-RELEASE-p4, consider restricting access to the vm_map_lookup function until a patch is available. As a temporary workaround, avoid using the mmap and ptrace system calls in applications that require elevated privileges.

Exploit

Fix

Weakness Enumeration

Related Identifiers

CVE-2013-2171
DSA-2714-1

Affected Products

Freebsd