Lucene search
K

5 matches found

Tenable Nessus
Tenable Nessus
added 2016/08/12 12:0 a.m.28 views

FreeBSD : FreeBSD -- Kernel memory disclosure in control messages and SCTP (7240de58-6007-11e6-a6c3-14dae9d210b8)

Buffer between control message header and data may not be completely initialized before being copied to userland. CVE-2014-3952 Three SCTP cmsgs, SCTPSNDRCV, SCTPEXTRCV and SCTPRCVINFO, have implicit padding that may not be completely initialized before being copied to userland. In addition, thre...

4.9CVSS5.9AI score0.0035EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2014/11/10 12:0 a.m.32 views

Debian DSA-3070-1 : kfreebsd-9 - security update

Several vulnerabilities have been discovered in the FreeBSD kernel that may lead to a denial of service or information disclosure. - CVE-2014-3711 Denial of service through memory leak in sandboxed namei lookups. - CVE-2014-3952 Kernel memory disclosure in sockbuf control messages. - CVE-2014-395...

5CVSS5.4AI score0.0157EPSS
Exploits0References10
CVE
CVE
added 2014/07/15 2:0 p.m.52 views

CVE-2014-3952

CVE-2014-3952 is a local kernel memory disclosure in FreeBSD-related kernels. The vulnerability stems from improper initialization of the buffer between the control message header and data for sockbuf control messages, allowing an unprivileged local process to read kernel memory. Affected: FreeBS...

4.9CVSS5.6AI score0.00339EPSS
Exploits0References6Affected Software1
FreeBSD Advisory
FreeBSD Advisory
added 2014/07/08 12:0 a.m.15 views

FreeBSD-SA-14:17.kmem

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 ============================================================================= FreeBSD-SA-14:17.kmem Security Advisory The FreeBSD Project Topic: Kernel memory disclosure in control messages and SCTP notifications Category: core Module: kern, sctp...

4.9CVSS6AI score0.0035EPSS
Exploits0
FreeBSD
FreeBSD
added 2014/07/08 12:0 a.m.22 views

FreeBSD -- Kernel memory disclosure in control messages and SCTP

Problem Description: Buffer between control message header and data may not be completely initialized before being copied to userland. CVE-2014-3952 Three SCTP cmsgs, SCTPSNDRCV, SCTPEXTRCV and SCTPRCVINFO, have implicit padding that may not be completely initialized before being copied to...

4.9CVSS6.1AI score0.0035EPSS
Exploits0
Rows per page
Query Builder