2.1 Low
CVSS2
Access Vector
LOCAL
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:L/AC:L/Au:N/C:P/I:N/A:N
0.0004 Low
EPSS
Percentile
5.2%
Problem Description:
Due to an overlooked merge to -STABLE branches, the size
for page fault kernel trace entries was set incorrectly.
Impact:
A user who can enable kernel process tracing could end
up reading the contents of kernel memory.
Such memory might contain sensitive information, such
as portions of the file cache or terminal buffers. This
information might be directly useful, or it might be leveraged
to obtain elevated privileges in some way; for example, a
terminal buffer might include a user-entered password.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
FreeBSD | any | noarch | freebsd-kernel | = 9.2 | UNKNOWN |
FreeBSD | any | noarch | freebsd-kernel | < 9.2_7 | UNKNOWN |