FreeBSD Security Advisory FreeBSD-SA-05:07 - The i386_get_ldt(2) system call allows a process to request that a portion of its Local Descriptor Table be copied from the kernel into userland. The i386_get_ldt(2) syscall performs insufficient validation of its input arguments. In particular, negative or very large values may allow inappropriate data to be copied from the kernel.
04fa0fee6b63c8ba41c37a7811a6462ab62955205b703bf973f33ee92e6da579