Vulnerability Database

290,273

Total vulnerabilities in the database

CVE-2013-5666

The sendfile system-call implementation in sys/kern/uipc_syscalls.c in the kernel in FreeBSD 9.2-RC1 and 9.2-RC2 does not properly pad transmissions, which allows local users to obtain sensitive information (kernel memory) via a length greater than the length of the file.

  • Published: Sep 23, 2013
  • Updated: Apr 13, 2023
  • CVE: CVE-2013-5666
  • Severity: Low
  • Exploit:

CVSS v2:

  • Severity: Low
  • Score: 4.7
  • AV:L/AC:M/Au:N/C:C/I:N/A:N

CWEs:

Software From Fixed in
freebsd / freebsd 9.2-rc1 9.2-rc1.x
freebsd / freebsd 9.2-rc2 9.2-rc2.x