Lucene search
HistoryJun 10, 2014 - 2:55 p.m.
CVE-2014-3873
cve-2014-3873
ktrace utility
freebsd kernel
security
vulnerability
sensitive information
nvd
2.1 Low
CVSS2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:L/AC:L/Au:N/C:P/I:N/A:N
5.5 Medium
AI Score
Confidence
Low
0.0004 Low
EPSS
Percentile
5.1%
The ktrace utility in the FreeBSD kernel 8.4 before p11, 9.1 before p14, 9.2 before p7, and 9.3-BETA1 before p1 uses an incorrect page fault kernel trace entry size, which allows local users to obtain sensitive information from kernel memory via a kernel process trace.
Affected configurations
Node
freebsdfreebsdMatch8.4
ORfreebsdfreebsdMatch9.1
ORfreebsdfreebsdMatch9.2-
ORfreebsdfreebsdMatch9.3beta1
| CPE | Name | Operator | Version |
|---|---|---|---|
| freebsd:freebsd | freebsd | eq | 8.4 |
| freebsd:freebsd | freebsd | eq | 9.1 |
| freebsd:freebsd | freebsd | eq | 9.2 |
| freebsd:freebsd | freebsd | eq | 9.3 |
Related
cvelist
cvelist
CVE-2014-3873
2014-06-10 14:00:00
prion
prion
Design/Logic Flaw
2014-06-10 14:55:00
freebsd
freebsd
FreeBSD -- ktrace kernel memory disclosure
2014-06-03 00:00:00
ubuntucve
ubuntucve
CVE-2014-3873
2014-06-10 00:00:00
securityvulns
securityvulns
FreeBSD Security Advisory FreeBSD-SA-14:12.ktrace
2014-06-04 00:00:00
FreeBSD ktrace information leakage
2014-06-04 00:00:00
nessus
nessus
freebsd_advisory
freebsd_advisory
FreeBSD-SA-14:12.ktrace
2014-06-03 00:00:00
nvd
nvd
CVE-2014-3873
2014-06-10 14:55:10
2.1 Low
CVSS2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:L/AC:L/Au:N/C:P/I:N/A:N
5.5 Medium
AI Score
Confidence
Low
0.0004 Low
EPSS
Percentile
5.1%
Related for CVE-2014-3873