vulnerability
FreeBSD: FreeBSD -- Buffer overflow in keyboard driver (FreeBSD-SA-16:18.atkbd) (CVE-2016-1886)
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 7 | (AV:L/AC:L/Au:N/C:C/I:C/A:C) | May 25, 2016 | Aug 12, 2016 | Oct 30, 2017 |
Severity
7
CVSS
(AV:L/AC:L/Au:N/C:C/I:C/A:C)
Published
May 25, 2016
Added
Aug 12, 2016
Modified
Oct 30, 2017
Description
Integer signedness error in the genkbd_commonioctl function in sys/dev/kbd/kbd.c in FreeBSD 9.3 before p42, 10.1 before p34, 10.2 before p17, and 10.3 before p3 allows local users to obtain sensitive information from kernel memory, cause a denial of service (memory overwrite and kernel crash), or gain privileges via a negative value in the flen structure member in the arg argument in a SETFKEY ioctl call, which triggers a "two way heap and stack overflow."
Solution(s)
freebsd-upgrade-base-10_1-release-p34freebsd-upgrade-base-10_2-release-p17freebsd-upgrade-base-10_3-release-p3freebsd-upgrade-base-9_3-release-p42
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.