CVE-2018-6920
 
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
In FreeBSD before 11.1-STABLE(r332303), 11.1-RELEASE-p10, 10.4-STABLE(r332321), and 10.4-RELEASE-p9, due to insufficient initialization of memory copied to userland in the Linux subsystem and Atheros wireless driver, small amounts of kernel memory may be disclosed to userland processes. Unprivileged authenticated local users may be able to access small amounts of privileged kernel data.
En FreeBSD, en versiones anteriores a la 11.1-STABLE(r332303), 11.1-RELEASE-p10, 10.4-STABLE(r332321) y 10.4-RELEASE-p9, debido a la insuficiente inicialización de la memoria copiada en userland en el subsistema de Linux y el controlador inalámbrico de Atheros, pequeñas cantidades de la memoria del kernel pueden divulgarse a los procesos de userland. Los usuarios locales sin privilegios autenticados podrían ser capaces de acceder a pequeñas cantidades de datos privilegiados del kernel.
CVSS Scores
SSVC
- Decision:-
Timeline
- 2018-02-12 CVE Reserved
- 2018-05-08 CVE Published
- 2023-03-08 EPSS Updated
- 2024-09-16 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-200: Exposure of Sensitive Information to an Unauthorized Actor
CAPEC
References (2)
URL | Tag | Source |
---|---|---|
http://www.securityfocus.com/bid/104114 | Third Party Advisory |
URL | Date | SRC |
---|
URL | Date | SRC |
---|
URL | Date | SRC |
---|---|---|
https://security.FreeBSD.org/advisories/FreeBSD-EN-18:05.mem.asc | 2018-06-13 |
Affected Vendors, Products, and Versions
Vendor | Product | Version | Other | Status | ||||||
---|---|---|---|---|---|---|---|---|---|---|
Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
Freebsd Search vendor "Freebsd" | Freebsd Search vendor "Freebsd" for product "Freebsd" | >= 10.0 < 10.4 Search vendor "Freebsd" for product "Freebsd" and version " >= 10.0 < 10.4" | - |
Affected
| ||||||
Freebsd Search vendor "Freebsd" | Freebsd Search vendor "Freebsd" for product "Freebsd" | >= 11.0 < 11.1 Search vendor "Freebsd" for product "Freebsd" and version " >= 11.0 < 11.1" | - |
Affected
|