Denial of Service Vulnerability in Mac OS X and FreeBSD Kernels
CVE-2007-0267

Currently unrated

Key Information:

Vendor: FreeBSD
Status: FreeBSD; Mac Os X
Vendor: CVE Published:; 17 January 2007

What is CVE-2007-0267?

The ufs_lookup function in Mac OS X 10.4.8 and FreeBSD 6.1 kernels is susceptible to a vulnerability that allows local users to induce a denial of service condition, leading to kernel panic. This issue arises when a maliciously crafted UNIX File System (UFS) DMG image, containing a corrupted directory entry, is mounted. This could also lead to potential corruption of other filesystems, raising significant risks to system integrity. It is noteworthy that the FreeBSD vulnerability reportedly does not breach privilege boundaries.

References

http://www.vupen.com/english/advisories/2007/0171

vdb-entryx_refsource_VUPEN

http://www.securityfocus.com/bid/22036

vdb-entryx_refsource_BID

http://www.us-cert.gov/cas/techalerts/TA07-072A.html

third-party-advisoryx_refsource_CERT

Timeline

Vulnerability published
Jan 17, 2007
Vulnerability Reserved
Jan 16, 2007