CVE-2017-1087

Name of the Vulnerable Software and Affected Versions FreeBSD versions prior to 10.4-STABLE FreeBSD version 10.4-RELEASE-p3 and earlier FreeBSD version 10.3-RELEASE-p24 and earlier

Description The issue allows a malicious user with access to a jailed system to abuse shared memory by injecting malicious content into the shared memory region. This could lead to a Denial of Service or local privilege escalation, potentially affecting applications that trust the shared memory, such as Squid.

Recommendations For versions prior to 10.4-STABLE, update to 10.4-STABLE or later. For version 10.4-RELEASE-p3 and earlier, update to 10.4-RELEASE-p3 or later. For version 10.3-RELEASE-p24 and earlier, update to 10.3-RELEASE-p24 or later.