CVE-2014-3873CVE-2014-3873

Affected configuration(s):

cpe:/o:freebsd:freebsd:8.4
cpe:/o:freebsd:freebsd:9.1
cpe:/o:freebsd:freebsd:9.2:-
cpe:/o:freebsd:freebsd:9.3:beta1

Date published: 2014-06-10T10:55:10.287-04:00

Date last modified: 2014-06-24T10:41:48.640-04:00

CVSS Score: 2.1

Principal attack vector: LOCAL

Complexity:  LOW

Reference URL: http://www.freebsd.org/security/advisories/FreeBSD-SA-14%3A12.ktrace.asc

Summary: The ktrace utility in the FreeBSD kernel 8.4 before p11, 9.1 before p14, 9.2 before p7, and 9.3-BETA1 before p1 uses an incorrect page fault kernel trace entry size, which allows local users to obtain sensitive information from kernel memory via a kernel process trace.

CategoriesUncategorised

Leave a Reply

Your email address will not be published. Required fields are marked *