CVE-2015-1415

2015-04-10T15:00:00
ID CVE-2015-1415
Type cve
Reporter cve@mitre.org
Modified 2018-10-09T19:55:00

Description

The bsdinstall installer in FreeBSD 10.x before 10.1 p9, when configuring full disk encrypted ZFS, uses world-readable permissions for the GELI keyfile (/boot/encryption.key), which allows local users to obtain sensitive key information by reading the file.