FreeBSD: VID-86c89abf-2d91-11e9-bf3e-a4badb2f4699 (CVE-2019-5596): FreeBSD -- File description reference count leak
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 7 | (AV:L/AC:L/Au:N/C:C/I:C/A:C) | Feb 11, 2019 | Feb 11, 2019 | Dec 10, 2025 |
Description
Problem Description: FreeBSD 12.0 attempts to handle the case where the receiving process does not provide a sufficiently large buffer for an incoming control message containing rights. In particular, to avoid leaking the corresponding descriptors into the receiving process' descriptor table, the kernel handles the truncation case by closing descriptors referenced by the discarded message. The code which performs this operation failed to release a reference obtained on the file corresponding to a received right. This bug can be used to cause the reference counter to wrap around and free the file structure.

Impact: A local user can exploit the bug to gain root privileges or escape from a jail.
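The following is an added illustration, not FreeBSD kernel code and not part of the original advisory: a simplified userspace model of the accounting error described above, showing the truncation path with and without the missing release. Every name in it (`file_hold`, `fd_install`, `discard_rights`, and so on) is hypothetical, and the single-counter model is an assumption made for clarity.

```c
/* Simplified userspace model of the leak; not FreeBSD kernel code.
 * All names here are hypothetical. */
#include <stdio.h>
#include <stddef.h>

#define NSLOTS 8

struct file { unsigned refs; };                  /* stand-in for a file structure */
struct fdtable { struct file *slot[NSLOTS]; };   /* receiver's descriptor table */

static void file_hold(struct file *f) { f->refs++; }
static void file_drop(struct file *f) { if (f->refs > 0) f->refs--; }

/* Installing a received right: the descriptor slot owns one reference. */
static int fd_install(struct fdtable *t, struct file *f) {
    for (int fd = 0; fd < NSLOTS; fd++) {
        if (t->slot[fd] == NULL) { file_hold(f); t->slot[fd] = f; return fd; }
    }
    return -1;
}

/* Closing a descriptor releases only the slot's reference. */
static void fd_close(struct fdtable *t, int fd) {
    file_drop(t->slot[fd]);
    t->slot[fd] = NULL;
}

/* Truncation path: close the descriptors of a discarded control message. */
static void discard_rights(struct fdtable *t, const int *fds, int n, int fixed) {
    for (int i = 0; i < n; i++) {
        struct file *f = t->slot[fds[i]];
        if (f == NULL) continue;
        file_hold(f);              /* reference obtained while looking up the file */
        fd_close(t, fds[i]);
        if (fixed) file_drop(f);   /* the release the description says was missing */
    }
}

/* Reference count left on one file after `rounds` truncated receives. */
unsigned refs_after_truncated_receives(int rounds, int fixed) {
    struct file f = { 1 };         /* the sender's own open reference */
    struct fdtable t = { { NULL } };
    for (int r = 0; r < rounds; r++) {
        int fd = fd_install(&t, &f);
        if (fd >= 0) discard_rights(&t, &fd, 1, fixed);
    }
    return f.refs;
}

int main(void) {
    printf("leaky: %u  fixed: %u\n", refs_after_truncated_receives(5, 0),
           refs_after_truncated_receives(5, 1));
    return 0;
}
```

In the leaky variant the count never returns to its baseline after a discarded message, which is the invariant a reviewer or regression test should check on any path that closes descriptors on behalf of a dropped message.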
Solution
freebsd-upgrade-base-12_0-release-p3