[原文]The virtual memory management system in FreeBSD 4.5-RELEASE and earlier does not properly check the existence of a VM object during page invalidation, which allows local users to cause a denial of service (crash) by calling msync on an unaccessed memory map created with MAP_ANON and MAP_NOSYNC flags.
FreeBSD Virtual Memory Management msync mmap Local DoS
Local Access Required
Denial of Service
Loss of Availability
FreeBSD contains a flaw that may allow a local denial of service. The issue is triggered when a malicious user calls msync(2) on an anonymous, asynchronous memory map (i.e. created using the mmap flags MAP_ANON and MAP_NOSYNC) which had not been accessed previously, and will result in loss of availability for the platform.
Upgrade to version 4.5-STABLE; or to either of the RELENG_4_5 (4.5-RELEASE-p3) or RELENG_4_4 (4.4-RELEASE-p10) security branches dated after the respective correction dates, as it has been reported to fix this vulnerability. In addition, FreeBSD has released a patch for some older versions.