PT-2016-2096 · Freebsd · Freebsd
Cturt
·
Published
2016-05-17
·
Updated
2017-04-20
·
CVE-2016-1886
CVSS v3.1
7.8
High
| Vector | AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
FreeBSD versions 9.3 before p42
FreeBSD versions 10.1 before p34
FreeBSD versions 10.2 before p17
FreeBSD versions 10.3 before p3
Description
The issue is caused by an integer signedness error in the
genkbd commonioctl function, located in sys/dev/kbd/kbd.c, which can lead to a buffer overflow. This allows a local attacker to obtain sensitive information from kernel memory, cause a denial of service, or gain privileges. The vulnerability is triggered by a negative value in the flen structure member in the arg argument in a SETFKEY ioctl call.Recommendations
For FreeBSD version 9.3, update to p42 or later.
For FreeBSD version 10.1, update to p34 or later.
For FreeBSD version 10.2, update to p17 or later.
For FreeBSD version 10.3, update to p3 or later.
Exploit
Fix
DoS
Buffer Overflow
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Freebsd