CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

NVD•added 2025/01/30 5:15 a.m.•8 views

CVE-2025-0662

In some cases, the ktrace facility will log the contents of kernel structures to userspace. In one such case, ktrace dumps a variable-sized sockaddr to userspace. There, the full sockaddr is copied, even when it is shorter than the full size. This can result in up to 14 uninitialized bytes of...

4.9CVSS0.00101EPSS

Vulnrichment•added 2025/01/30 4:49 a.m.•5 views

CVE-2025-0662 Uninitialized kernel memory disclosure via ktrace(2)

4.8AI score0.00101EPSS

Cvelist•added 2025/01/30 4:49 a.m.•13 views

CVE-2025-0662 Uninitialized kernel memory disclosure via ktrace(2)

0.00101EPSS

CVE•added 2025/01/30 4:49 a.m.•52 views

CVE-2025-0662

CVE-2025-0662 affects FreeBSD ktrace(2): the facility can log kernel structures to userspace and, in one case, dump a variable-sized sockaddr, copying the full sockaddr even when shorter, leaking up to 14 uninitialized bytes of kernel memory from a heap allocation to userspace. The issue is explo...

4.9CVSS6.2AI score0.00101EPSS

CNNVD•added 2025/01/30 12:0 a.m.•2 views

FreeBSD ktrace 安全漏洞

4.9CVSS6AI score0.00101EPSS

Tenable Nessus•added 2025/01/30 12:0 a.m.•8 views

FreeBSD : FreeBSD -- Uninitialized kernel memory disclosure via ktrace(2) (2830b374-debd-11ef-87ba-002590c1f29c)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the 2830b374-debd-11ef-87ba-002590c1f29c advisory. In some cases, the ktrace facility will log the contents of kernel structures to userspace. In one such...

4.9CVSS5.6AI score0.00101EPSS

FreeBSD•added 2025/01/29 12:0 a.m.•14 views

FreeBSD -- Uninitialized kernel memory disclosure via ktrace(2)

Problem Description: In some cases, the ktrace facility will log the contents of kernel structures to userspace. In one such case, ktrace dumps a variable-sized sockaddr to userspace. There, the full sockaddr is copied, even when it is shorter than the full size. This can result in up to 14...

4.9CVSS6.9AI score0.00101EPSS

FreeBSD Advisory•added 2025/01/29 12:0 a.m.•7 views

FreeBSD-SA-25:04.ktrace

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 ============================================================================= FreeBSD-SA-25:04.ktrace Security Advisory The FreeBSD Project Topic: Uninitialized kernel memory disclosure via ktrace2 Category: core Module: ktrace Announced: 2025-01-29...

4.9CVSS5.8AI score0.00101EPSS

Positive Technologies•added 2025/01/29 12:0 a.m.•4 views

PT-2025-3998 · Freebsd · Freebsd

Name of the Vulnerable Software and Affected Versions: FreeBSD affected versions not specified Description: The ktrace facility logs the contents of kernel structures to userspace. In one case, ktrace dumps a variable-sized sockaddr to userspace, copying the full sockaddr even when it is shorter...

4.9CVSS6.7AI score0.00101EPSS

Exploits0References9

Tenable Nessus•added 2024/09/21 12:0 a.m.•19 views

FreeBSD : FreeBSD -- ktrace(2) fails to detach when executing a setuid binary (8fb61d94-771b-11ef-9a62-002590c1f29c)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the 8fb61d94-771b-11ef-9a62-002590c1f29c advisory. A logic bug in the code which disables kernel tracing for setuid programs meant that tracing was not...

7.5CVSS5.7AI score0.00249EPSS

CVE•added 2024/08/11 2:40 a.m.•46 views

CVE-2024-6760

CVE-2024-6760 describes a logic bug in FreeBSD's ktrace which disables kernel tracing for setuid programs. The flaw allows unprivileged users to trace and inspect the behavior of setuid binaries, potentially reading files they normally should not access (e.g., the local password database). Connec...

7.5CVSS6.4AI score0.00249EPSS

Exploits0References2Affected Software1

Cvelist•added 2024/08/11 2:40 a.m.•13 views

CVE-2024-6760 ktrace(2) fails to detach when executing a setuid binary

A logic bug in the code which disables kernel tracing for setuid programs meant that tracing was not disabled when it should have, allowing unprivileged users to trace and inspect the behavior of setuid programs. The bug may be used by an unprivileged user to read the contents of files to which...

0.00249EPSS

FreeBSD Advisory•added 2024/08/07 12:0 a.m.•17 views

FreeBSD-SA-24:06.ktrace

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 ============================================================================= FreeBSD-SA-24:06.ktrace Security Advisory The FreeBSD Project Topic: ktrace2 fails to detach when executing a setuid binary Category: core Module: ktrace Announced:...

7.5CVSS5.9AI score0.00249EPSS

FreeBSD•added 2024/08/07 12:0 a.m.•11 views

FreeBSD -- ktrace(2) fails to detach when executing a setuid binary

Problem Description: A logic bug in the code which disables kernel tracing for setuid programs meant that tracing was not disabled when it should have, allowing unprivileged users to trace and inspect the behavior of setuid programs. Impact: The bug may be used by an unprivileged user to read the...

7.5CVSS7.4AI score0.00249EPSS

Tenable Nessus•added 2016/08/12 12:0 a.m.•24 views

FreeBSD : FreeBSD -- ktrace kernel memory disclosure (6e04048b-6007-11e6-a6c3-14dae9d210b8)

Due to an overlooked merge to -STABLE branches, the size for page fault kernel trace entries was set incorrectly. Impact : A user who can enable kernel process tracing could end up reading the contents of kernel memory. Such memory might contain sensitive information, such as portions of the file...

2.1CVSS6AI score0.00061EPSS