CVE-2014-0998

Name of the Vulnerable Software and Affected Versions FreeBSD versions 9.3 before p10 FreeBSD versions 10.1 before p6

Description The issue is caused by an integer signedness error in the vt console driver, which allows local users to cause a denial of service and possibly gain privileges. This is achieved by passing a negative value in a VT WAITACTIVE ioctl call, resulting in an array index error and out-of-bounds kernel memory access.

Recommendations For FreeBSD versions 9.3 before p10, update to p10 or later to resolve the issue. For FreeBSD versions 10.1 before p6, update to p6 or later to resolve the issue.