Severity: Unknown
Affected Package: kernel
Summary: Incorrect argument validation in sysarch(2) LDT handling
A specific combination of sysarch(2) arguments requesting removal of a set of LDT descriptors triggered a bounds check that misused a signed intermediate value. This allowed unbounded zeroing of the process LDT and adjacent memory from usermode, which could panic the kernel and cause a local denial of service. Only the amd64 architecture is affected. Patch obtained from FreeBSD and applied in the 0.7.6 release.
No specific recommendations provided.
Aliases: CVE-2016-1885
Published: March 17, 2016
Last Modified: March 17, 2016