PT-2018-17820 · Freebsd · Freebsd
Ilja Van Sprundel
·
Publicado
2018-04-04
·
Atualizado
2018-05-24
·
CVE-2018-6919
CVSS v3.1
7.5
Alta
| Vetor | AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N |
Name of the Vulnerable Software and Affected Versions
FreeBSD versions prior to 11.1-STABLE
FreeBSD versions prior to 11.1-RELEASE-p9
FreeBSD versions prior to 10.4-STABLE
FreeBSD versions prior to 10.4-RELEASE-p8
FreeBSD versions prior to 10.3-RELEASE-p28
Description
The issue is due to insufficient initialization of memory copied to userland, which may disclose small amounts of kernel memory to userland processes. Unprivileged users may be able to access small amounts of privileged kernel data.
Recommendations
For versions prior to 11.1-STABLE, update to 11.1-STABLE or later.
For versions prior to 11.1-RELEASE-p9, update to 11.1-RELEASE-p9 or later.
For versions prior to 10.4-STABLE, update to 10.4-STABLE or later.
For versions prior to 10.4-RELEASE-p8, update to 10.4-RELEASE-p8 or later.
For versions prior to 10.3-RELEASE-p28, update to 10.3-RELEASE-p28 or later.
Correção
Information Disclosure
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Freebsd