CVE-1999-1518
Description
CVE-1999-1518: Shared memory implementations based on 4.4BSD allow local users to bypass memory limits (rlimits) via mmap or shmget, leading to denial of service.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Vulnerability
CVE-1999-1518 describes a vulnerability in operating systems whose shared memory implementations derive from 4.4BSD code [1]. A local user can bypass memory limits, such as those enforced by resource limits (rlimits), by using mmap() or shmget() to allocate large amounts of shared memory and then triggering page faults to force physical memory allocation [1]. The affected systems include FreeBSD, Linux, and IRIX, though the exact versions are not specified in the reference [1].
Exploitation
An attacker with local user access to the system can call mmap() or shmget() to request a large shared memory segment [1]. Then, the attacker triggers page faults across the entire allocated region, causing the operating system to page in the data from the file or swap, ultimately consuming all available physical memory [1]. The attack does not require special privileges beyond local user access [1].
Impact
Successful exploitation results in a denial of service (DoS) condition where the system exhausts its memory, potentially causing the kernel to kill the offending process or the system to become unresponsive [1]. With System V IPC, shared memory segments persist even after the process terminates, so the memory remains consumed and unavailable to the system until explicitly destroyed or the system is rebooted [1]. The attacker does not achieve code execution or data compromise; the impact is purely availability [1].
Mitigation
Not yet disclosed in the available references. The referenced Bugtraq post [1] from 1999 does not provide a specific fix, patch, or workaround. Administrators may consider restricting local access to trusted users or monitoring shared memory usage as temporary measures. No CVE assignment or vendor advisories regarding a fix are mentioned in the provided reference.
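The shared memory monitoring suggested above, as an added example (not code from the CVE record or its references): it totals System V shared memory per creating UID, which the rlimits described above do not bound, and lists segments that persist with no process attached. The input is a constructed sample in the layout of Linux's /proc/sysvipc/shm, and the 1 GiB per-UID budget is an assumed threshold.

```python
from collections import defaultdict

# Constructed sample in the layout of Linux /proc/sysvipc/shm (not from a real host).
SAMPLE = """\
key shmid perms size cpid lpid nattch uid gid cuid cgid atime dtime ctime rss swap
0 32768 1600 524288 2101 2101 2 1000 1000 1000 1000 1700000000 0 1700000000 524288 0
0 32769 1600 805306368 3310 3310 0 1001 1001 1001 1001 1700000100 1700000200 1700000100 402653184 402653184
0 32770 1600 805306368 3311 3311 0 1001 1001 1001 1001 1700000100 1700000200 1700000100 805306368 0
1392508930 32771 1666 1048576 950 950 1 0 0 0 0 1700000300 0 1700000300 1048576 0
"""

NEEDED = ("shmid", "size", "nattch", "cuid")   # columns the audit relies on
OPTIONAL = ("rss", "swap")                      # absent on older kernels


def parse_shm(text):
    """Parse by header name so added or missing columns do not shift fields."""
    lines = [ln.split() for ln in text.splitlines() if ln.strip()]
    if not lines or any(col not in lines[0] for col in NEEDED):
        raise ValueError("unrecognised shm table header")
    header = lines[0]
    segs = []
    for row in lines[1:]:
        if len(row) != len(header):
            continue  # skip malformed rows rather than misread them
        rec = dict(zip(header, row))
        segs.append({k: int(rec[k]) for k in NEEDED + OPTIONAL if k in rec})
    return segs


def audit(segs, budget_bytes):
    """Return (bytes held per creator UID, UIDs over budget, orphaned shmids)."""
    usage = defaultdict(int)
    orphans = []
    for s in segs:
        # rss + swap is what the segment actually occupies; fall back to its size.
        held = s["rss"] + s["swap"] if "rss" in s and "swap" in s else s["size"]
        usage[s["cuid"]] += held
        if s["nattch"] == 0:   # no process attached, yet the segment persists
            orphans.append(s["shmid"])
    over = sorted(uid for uid, used in usage.items() if used > budget_bytes)
    return dict(usage), over, orphans


if __name__ == "__main__":
    usage, over, orphans = audit(parse_shm(SAMPLE), budget_bytes=1 << 30)  # assumed 1 GiB budget
    print("per-UID bytes:", usage)
    print("over budget:", over, "orphaned segments:", orphans)
```

On a Linux host, feed the contents of /proc/sysvipc/shm to parse_shm; an orphaned segment can be destroyed with `ipcrm -m <shmid>` once it is confirmed that no service depends on it.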
AI Insight generated on May 24, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products
- cpe:2.3:o:freebsd:freebsd:1.1.5.1:*:*:*:*:*:*:*
- cpe:2.3:o:freebsd:freebsd:2.0:*:*:*:*:*:*:*
- cpe:2.3:o:freebsd:freebsd:2.0.5:*:*:*:*:*:*:*
- cpe:2.3:o:freebsd:freebsd:2.1.0:*:*:*:*:*:*:*
- cpe:2.3:o:freebsd:freebsd:2.1.5:*:*:*:*:*:*:*
- cpe:2.3:o:freebsd:freebsd:2.1.6:*:*:*:*:*:*:*
- cpe:2.3:o:freebsd:freebsd:2.1.7.1:*:*:*:*:*:*:*
- cpe:2.3:o:freebsd:freebsd:2.2.2:*:*:*:*:*:*:*
- cpe:2.3:o:freebsd:freebsd:2.2.3:*:*:*:*:*:*:*
- cpe:2.3:o:freebsd:freebsd:2.2.4:*:*:*:*:*:*:*
- cpe:2.3:o:freebsd:freebsd:2.2.5:*:*:*:*:*:*:*
- cpe:2.3:o:freebsd:freebsd:2.2.6:*:*:*:*:*:*:*
- cpe:2.3:o:freebsd:freebsd:2.2.8:*:*:*:*:*:*:*
- cpe:2.3:o:freebsd:freebsd:3.0:*:*:*:*:*:*:*
- cpe:2.3:o:freebsd:freebsd:3.1:*:*:*:*:*:*:*
- cpe:2.3:o:freebsd:freebsd:3.2:*:*:*:*:*:*:*
Patches
No patches discovered yet.
References
- www.securityfocus.com/bid/526 (nvd: Exploit, Patch, Vendor Advisory)
- marc.info (nvd)
- exchange.xforce.ibmcloud.com/vulnerabilities/2351 (nvd)