[Original text] Integer overflow in the FreeBSD compatibility code (freebsd_misc.c) in NetBSD-current, NetBSD-3, NetBSD-2.0, and NetBSD-2 before 20050913, and in NetBSD-1.6 before 20050914, allows local users to cause a denial of service (heap corruption or system crash) and possibly gain root privileges.
NetBSD FreeBSD Binary Emulation Compatibility Code Local Overflow
Local Access Required
Denial of Service, Loss of Integrity, Loss of Availability
A local overflow exists in NetBSD. The emulation code for FreeBSD binaries fails to sufficiently check bounds, resulting in an integer overflow. With a specially crafted request, an attacker can change the flow of execution, resulting in a loss of integrity and/or availability.
Upgrade to version 2.0.3 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.