cvedb.io
CVE-2017-15037
HIGH · CVSS 8.1
EPSS exploitation probability: 0%
Published 2017-10-05T07:29:00.933 · Last modified 2026-06-17T01:07:10.353

Summary

In FreeBSD through 11.1, the smb_strdupin function in sys/netsmb/smb_subr.c has a race condition with a resultant out-of-bounds read, because it can cause t2p->t_name strings to lack a final '\0' character.

Affected products

freebsd — freebsd

Does this affect you?

Add your gear to cvedb and we'll alert you only when freebsd ships something exploited.

Check my exposure →

References

This product uses data from the NVD API but is not endorsed or certified by the NVD. Informational only; not professional security advice.