Severity: Unknown
Affected Package: kernel
Summary: Buffer overflow in handling of UNIX-domain socket addresses
The kernel does not validate the path length when a UNIX-domain socket is bound with bind(2); when the address is later returned it is copied into a fixed-length buffer, causing a buffer overflow. A local attacker can trigger a kernel panic or potentially execute code with elevated privileges, escape jails, or bypass security mechanisms.
No specific recommendations provided.
Aliases: CVE-2011-4062
Published: September 28, 2011
Last Modified: September 28, 2011