CVE-2010-4210 Information

Description

The pfs_getextattr function in FreeBSD 7.x before 7.3-RELEASE and 8.x before 8.0-RC1 unlocks a mutex that was not previously locked which allows local users to cause a denial of service (kernel panic) overwrite arbitrary memory locations and possibly execute arbitrary code via vectors related to opening a file on a file system that uses pseudofs.

Reference

http://secunia.com/advisories/42200 http://security.FreeBSD.org/advisories/FreeBSD-SA-10:09.pseudofs.asc http://www.securitytracker.com/id?1024724 http://www.vupen.com/english/advisories/2010/2956 https://exchange.xforce.ibmcloud.com/vulnerabilities/63218 https://www.exploit-db.com/exploits/15206/