Multiple race conditions in (1) certain rules and (2) argument copying during VM protection, in CerbNG for FreeBSD 4.8 allow local users to defeat system call interposition and possibly gain privileges or bypass auditing, as demonstrated by modifying command lines in log-exec.cb.

CerbNG for FreeBSD 4.8 does not properly implement VM protection when attempting to prevent system call wrapper races, which allows local users to have an unknown impact related to an "incorrect write protection of pages".