Description
The kernel in FreeBSD 4.x to 4.11 and 5.x to 5.4 does not properly clear certain fixed-length buffers when copying variable-length data for use by applications, which could allow those applications to read previously used sensitive memory.
References (6)
Core 6
Core References
Third Party Advisory vdb-entry
x_refsource_vupen
http://www.vupen.com/english/advisories/2005/2256
Patch, Vendor Advisory vendor-advisory
x_refsource_freebsd
ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-05:08.kmem.asc
Third Party Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/17368
Mailing List vendor-advisory
x_refsource_apple
http://lists.apple.com/archives/security-announce/2005/Oct/msg00000.html
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/15252
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/13526
Scores
EPSS
0.0009
EPSS Percentile
25.3%
Details
Status
published
Products (15)
freebsd/freebsd
4.1
freebsd/freebsd
4.2
freebsd/freebsd
4.3
freebsd/freebsd
4.4
freebsd/freebsd
4.5
freebsd/freebsd
4.6
freebsd/freebsd
4.7
freebsd/freebsd
4.8
freebsd/freebsd
4.9
freebsd/freebsd
4.10
... and 5 more
Published
May 06, 2005
Tracked Since
Feb 18, 2026