PT-2002-2127 · Freebsd · Freebsd+1

Published

2002-09-17

Updated

2016-10-18

CVE-2002-1125

CVSS v2.0

2.1

Low

Vector

AV:L/AC:L/Au:N/C:P/I:N/A:N

Name of the Vulnerable Software and Affected Versions: FreeBSD versions prior to 4.6.2-RELEASE asmon versions prior to the fixed version ascpu versions prior to the fixed version bubblemon versions prior to the fixed version wmmon versions prior to the fixed version wmnet2 versions prior to the fixed version

Description: The issue affects FreeBSD port programs that utilize libkvm, allowing local users to read kernel memory due to open file descriptors for /dev/mem and /dev/kmem.

Recommendations: For FreeBSD versions prior to 4.6.2-RELEASE, update to a version that includes the fix for this issue. For asmon, ascpu, bubblemon, wmmon, and wmnet2, update to versions that include the fix for this issue. As a temporary workaround, consider restricting access to /dev/mem and /dev/kmem to minimize the risk of exploitation.

Exploit

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2002-1125

Affected Products

Freebsd

Libkvm

PT-2002-2127 · Freebsd · Freebsd+1

CVE-2002-1125

Related Identifiers

Affected Products

References · 14