PT-2017-2032 · Freebsd · Freebsd

Mateusz Guzik

·

Published

2016-01-14

·

Updated

2017-02-17

·

CVE-2016-1880

CVSS v3.1

7.8

High

VectorAV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions FreeBSD versions 9.3, 10.1, and 10.2
Description The issue is related to the handling of Linux futex robust lists in the Linux compatibility layer of the kernel, allowing local users to potentially gain privilege and read portions of kernel memory via unspecified vectors. This is due to insufficient access control in the kernel.
Recommendations For versions 9.3, 10.1, and 10.2, at the moment, there is no information about a newer version that contains a fix for this vulnerability.
Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Weakness Enumeration

CWE-264

Related Identifiers

BDU:2017-01199
CVE-2016-1880
FREEBSD-SA-16_03

Affected Products

Freebsd