vulnerability
FreeBSD: VID-02FB9764-1893-11ED-9B22-002590C1F29C (CVE-2022-23091): FreeBSD -- Memory disclosure by stale virtual memory mapping
Severity | CVSS | Published | Added | Modified |
---|---|---|---|---|
2 | (AV:L/AC:L/Au:N/C:N/I:P/A:N) | Aug 9, 2022 | Nov 4, 2022 | Feb 18, 2025 |
Severity
2
CVSS
(AV:L/AC:L/Au:N/C:N/I:P/A:N)
Published
Aug 9, 2022
Added
Nov 4, 2022
Modified
Feb 18, 2025
Description
Details for this vulnerability have not been published by NIST at this point. Descriptions from software vendor advisories for this issue are provided below.
From VID-02FB9764-1893-11ED-9B22-002590C1F29C:
Problem Description:
A particular case of memory sharing is mishandled in the virtual
memory system. This is very similar to SA-21:08.vm, but with a
different root cause.
Impact:
An unprivileged local user process can maintain a mapping of a page
after it is freed, allowing that process to read private data
belonging to other processes or the kernel.
Solution(s)
freebsd-upgrade-base-12_3-release-p6freebsd-upgrade-base-13_0-release-p12freebsd-upgrade-base-13_1-release-p1
References

NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.