vulnerability

FreeBSD: VID-02FB9764-1893-11ED-9B22-002590C1F29C (CVE-2022-23091): FreeBSD -- Memory disclosure by stale virtual memory mapping

Severity
2
CVSS
(AV:L/AC:L/Au:N/C:N/I:P/A:N)
Published
Aug 9, 2022
Added
Nov 4, 2022
Modified
Feb 18, 2025

Description

Details for this vulnerability have not been published by NIST at this point. Descriptions from software vendor advisories for this issue are provided below.


From VID-02FB9764-1893-11ED-9B22-002590C1F29C:




Problem Description:


A particular case of memory sharing is mishandled in the virtual


memory system. This is very similar to SA-21:08.vm, but with a


different root cause.


Impact:


An unprivileged local user process can maintain a mapping of a page


after it is freed, allowing that process to read private data


belonging to other processes or the kernel.



Solution(s)

freebsd-upgrade-base-12_3-release-p6freebsd-upgrade-base-13_0-release-p12freebsd-upgrade-base-13_1-release-p1
Title
NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.