Vulnerabilities

CVE-2014-0998

by Fred · 02/02/2015

Integer signedness error in the vt console driver (formerly Newcons) in FreeBSD 9.3 before p10 and 10.1 before p6 allows local users to cause a denial of service (crash) and possibly gain privileges via a negative value in a VT_WAITACTIVE ioctl call, which triggers an array index error and out-of-bounds kernel memory access.

Date published : 2015-02-02

http://www.securityfocus.com/archive/1/534563/100/0/threaded

https://www.freebsd.org/security/advisories/FreeBSD-EN-15:01.vt.asc

Similar

Tags: Cybersecurity Alert