CVE-2018-6921
MEDIUMFreeBSD 11.0-11.1 - Unauthorized Kernel Memory Exposure via Network Subsystem
Title source: llmDescription
In FreeBSD before 11.1-STABLE(r332066) and 11.1-RELEASE-p10, due to insufficient initialization of memory copied to userland in the network subsystem, small amounts of kernel memory may be disclosed to userland processes. Unprivileged authenticated local users may be able to access small amounts of privileged kernel data.
References (2)
Core 2
Core References
Vendor Advisory x_refsource_confirm
https://security.FreeBSD.org/advisories/FreeBSD-EN-18:05.mem.asc
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/104118
Scores
CVSS v3
5.5
EPSS
0.0006
EPSS Percentile
18.3%
Attack Vector
LOCAL
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Details
CWE
CWE-200
Status
published
Products (1)
freebsd/freebsd
11.0 - 11.1
Published
May 08, 2018
Tracked Since
Feb 18, 2026