CVE-2018-6924

Name of the Vulnerable Software and Affected Versions FreeBSD versions prior to 11.1-STABLE FreeBSD versions prior to 11.2-RELEASE-p3 FreeBSD versions prior to 11.1-RELEASE-p14 FreeBSD versions prior to 10.4-STABLE FreeBSD versions prior to 10.4-RELEASE-p12

Description The issue is caused by insufficient validation in the ELF header parser, which could allow a malicious ELF binary to cause a kernel crash or disclose kernel memory. This could potentially impact the confidentiality of protected information or cause a denial of service.

Recommendations For versions prior to 11.1-STABLE, update to 11.1-STABLE or later. For versions prior to 11.2-RELEASE-p3, update to 11.2-RELEASE-p3 or later. For versions prior to 11.1-RELEASE-p14, update to 11.1-RELEASE-p14 or later. For versions prior to 10.4-STABLE, update to 10.4-STABLE or later. For versions prior to 10.4-RELEASE-p12, update to 10.4-RELEASE-p12 or later.