Vulnerability Database

289,599

Total vulnerabilities in the database

CVE-2018-17155

In FreeBSD before 11.2-STABLE(r338983), 11.2-RELEASE-p4, 11.1-RELEASE-p15, 10.4-STABLE(r338984), and 10.4-RELEASE-p13, due to insufficient initialization of memory copied to userland in the getcontext and swapcontext system calls, small amounts of kernel memory may be disclosed to userland processes. Unprivileged authenticated local users may be able to access small amounts privileged kernel data.

  • Published: Sep 28, 2018
  • Updated: Apr 13, 2023
  • CVE: CVE-2018-17155
  • Severity: Medium
  • Exploit:

CVSS v3:

  • Severity: Medium
  • Score: 5.5
  • AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

CVSS v2:

  • Severity: Low
  • Score: 2.1
  • AV:L/AC:L/Au:N/C:P/I:N/A:N

CWEs:

Software From Fixed in
freebsd / freebsd 10.4 10.4.x
freebsd / freebsd - 11.2
freebsd / freebsd 11.1-p15 11.1-p15.x
freebsd / freebsd 11.2-p4 11.2-p4.x
freebsd / freebsd 10.4-p13 10.4-p13.x