vulnerability
FreeBSD: VID-5b1463dd-dab3-11e7-b5af-a4badb2f4699 (CVE-2017-1087): FreeBSD -- POSIX shm allows jails to access global namespace
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 5 | (AV:L/AC:L/Au:N/C:P/I:P/A:P) | Dec 6, 2017 | Dec 6, 2017 | Dec 10, 2025 |
Severity
5
CVSS
(AV:L/AC:L/Au:N/C:P/I:P/A:P)
Published
Dec 6, 2017
Added
Dec 6, 2017
Modified
Dec 10, 2025
Description
Problem Description: Named paths are globally scoped, meaning a process located in one jail can read and modify the content of POSIX shared memory objects created by a process in another jail or the host system. Impact: A malicious user that has access to a jailed system is able to abuse shared memory by injecting malicious content in the shared memory region. This memory region might be executed by applications trusting the shared memory, like Squid. This issue could lead to a Denial of Service or local privilege escalation.
Solutions
freebsd-upgrade-base-10_4-release-p3freebsd-upgrade-base-10_3-release-p24
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.