4 matches found
FreeBSD : FreeBSD -- Kernel data leak via ptrace(PT_LWPINFO) (34a3f9b5-dab3-11e7-b5af-a4badb2f4699)
Not all information in the struct ptracelwpinfo is relevant for the state of any thread, and the kernel does not fill the irrelevant bytes or short strings. Since the structure filled by the kernel is allocated on the kernel stack and copied to userspace, a leak of information of the kernel stack...
CVE-2017-1086
In FreeBSD before 11.1-STABLE, 11.1-RELEASE-p4, 11.0-RELEASE-p15, 10.4-STABLE, 10.4-RELEASE-p3, and 10.3-RELEASE-p24, not all information in the struct ptracelwpinfo is relevant for the state of any thread, and the kernel does not fill the irrelevant bytes or short strings. Since the structure...
CVE-2017-1086
FreeBSD kernel information disclosure (CVE-2017-1086): On affected releases, not all data in ptrace_lwpinfo is relevant, and the kernel may leak kernel-stack bytes to userspace via PT_LWPINFO. This is a local leak affecting FreeBSD versions listed in the CVE description, with exploitation by obse...
FreeBSD-SA-17:08.ptrace
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 ============================================================================= FreeBSD-SA-17:08.ptrace Security Advisory The FreeBSD Project Topic: Kernel data leak via ptracePTLWPINFO Category: core Module: ptrace Announced: 2017-11-15 Credits: Ilja...