CVE-2019-5607

Name of the Vulnerable Software and Affected Versions FreeBSD versions prior to 12.0-RELEASE-p8 FreeBSD versions prior to 11.3-RELEASE-p1 FreeBSD versions prior to 11.2-RELEASE-p12

Description The issue allows a malicious local user to gain root privileges or escape from a jail by causing the reference counter to wrap, forcing a free event, due to rights transmitted over a domain socket not properly releasing a reference on transmission error.

Recommendations For versions prior to 12.0-RELEASE-p8, update to 12.0-RELEASE-p8 or later. For versions prior to 11.3-RELEASE-p1, update to 11.3-RELEASE-p1 or later. For versions prior to 11.2-RELEASE-p12, update to 11.2-RELEASE-p12 or later.