CVE-2018-17155

Name of the Vulnerable Software and Affected Versions FreeBSD versions prior to 11.2-STABLE(r338983) FreeBSD versions prior to 11.2-RELEASE-p4 FreeBSD versions prior to 11.1-RELEASE-p15 FreeBSD versions prior to 10.4-STABLE(r338984) FreeBSD versions prior to 10.4-RELEASE-p13

Description The issue allows unprivileged authenticated local users to access small amounts of privileged kernel data due to insufficient initialization of memory copied to userland in the getcontext and swapcontext system calls. This may disclose small amounts of kernel memory to userland processes.

Recommendations For versions prior to 11.2-STABLE(r338983), update to 11.2-STABLE(r338983) or later. For versions prior to 11.2-RELEASE-p4, update to 11.2-RELEASE-p4 or later. For versions prior to 11.1-RELEASE-p15, update to 11.1-RELEASE-p15 or later. For versions prior to 10.4-STABLE(r338984), update to 10.4-STABLE(r338984) or later. For versions prior to 10.4-RELEASE-p13, update to 10.4-RELEASE-p13 or later.