vulnerability

FreeBSD: VID-0d3f99f7-b30c-11e9-a87f-a4badb2f4699 (CVE-2019-5607): FreeBSD -- File description reference count leak

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
7	(AV:L/AC:L/Au:N/C:C/I:C/A:C)	Jul 30, 2019	Jul 31, 2019	Dec 10, 2025

Severity

CVSS

(AV:L/AC:L/Au:N/C:C/I:C/A:C)

Published

Jul 30, 2019

Added

Jul 31, 2019

Modified

Dec 10, 2025

Description

Problem Description: If a process attempts to transmit rights over a UNIX-domain socket and an error causes the attempt to fail, references acquired on the rights are not released and are leaked. This bug can be used to cause the reference counter to wrap around and free the corresponding file structure. Impact: A local user can exploit the bug to gain root privileges or escape from a jail.

Solutions

freebsd-upgrade-base-12_0-release-p8freebsd-upgrade-base-11_2-release-p12freebsd-upgrade-base-11_3-release-p1

References

CVE-2019-5607
https://attackerkb.com/topics/CVE-2019-5607
CWE-404
CWE-682

NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today