CVE-2015-1415

Name of the Vulnerable Software and Affected Versions FreeBSD versions 10.0 through 10.1 p8

Description The issue concerns the bsdinstall installer in FreeBSD, specifically when configuring full disk encrypted ZFS. It uses world-readable permissions for the GELI keyfile (/boot/encryption.key), allowing local users to obtain sensitive key information by reading the file.

Recommendations For FreeBSD versions 10.0 through 10.1 p8, update to a version later than 10.1 p8 to resolve the issue. As a temporary workaround, consider changing the permissions of the /boot/encryption.key file to restrict access until a patch is applied.