FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

buffer cache invalidation implementation issues

Affected systems
5.0 <= FreeBSD < 5.2_8
4.9 <= FreeBSD < 4.9_9
4.0 <= FreeBSD < 4.8_22

Details

VuXML ID 1db1ed59-af07-11d8-acb9-000d610a3b12
Discovery 2004-04-24
Entry 2004-05-26

Programming errors in the implementation of the msync(2) system call involving the MS_INVALIDATE operation lead to cache consistency problems between the virtual memory system and on-disk contents.

In some situations, a user with read access to a file may be able to prevent changes to that file from being committed to disk.

References

CVE Name CVE-2004-0435
FreeBSD Advisory SA-04:11.msync