CVE-2014-3952
FreeBSD <8.4p14, <9.1p17, <9.2p10, <10.0p7 - Info Disclosure
Title source: llmDescription
FreeBSD 8.4 before p14, 9.1 before p17, 9.2 before p10, and 10.0 before p7 does not properly initialize the buffer between the header and data of a control message, which allows local users to obtain sensitive information from kernel memory via unspecified vectors.
References (6)
Core 6
Core References
Third Party Advisory vendor-advisory
x_refsource_debian
http://www.debian.org/security/2014/dsa-3070
Third Party Advisory, VDB Entry vdb-entry
x_refsource_sectrack
http://www.securitytracker.com/id/1030539
Third Party Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/62218
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/68466
Third Party Advisory, VDB Entry vdb-entry
x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/94448
Vendor Advisory vendor-advisory
x_refsource_freebsd
http://www.freebsd.org/security/advisories/FreeBSD-SA-14:17.kmem.asc
Scores
EPSS
0.0007
EPSS Percentile
21.3%
Details
CWE
CWE-119
Status
published
Products (4)
freebsd/freebsd
8.4
freebsd/freebsd
9.1
freebsd/freebsd
9.2
freebsd/freebsd
10.0
Published
Jul 15, 2014
Tracked Since
Feb 18, 2026