Integer Overflow in Memory Allocation Affects FreeBSD and NetBSD
CVE-2006-7252

Currently unrated

Key Information:

Vendor: FreeBSD
Status: FreeBSD; Netbsd
Vendor: CVE Published:; 25 July 2012

What is CVE-2006-7252?

An integer overflow vulnerability in the calloc function of jemalloc, found in libc for FreeBSD 6.4 and NetBSD, allows attackers to exploit memory allocation processes. By providing a large size value, an attacker may manipulate memory, potentially leading to memory-related issues such as buffer overflows. This weakness can facilitate various attack vectors aimed at executing unauthorized commands or gaining elevated privileges.

References

http://kqueue.org/blog/2012/03/05/memory-allocator-securi...

x_refsource_MISC

http://svnweb.freebsd.org/base?view=revision&revision=161263

x_refsource_CONFIRM

Timeline

Vulnerability Reserved
Oct 3, 2022
Vulnerability published
Jul 25, 2012