CVE-2014-3952

Published: 15/07/2014 | Updated: 29/08/2017
CVSS v2 Base Score: 4.9 | Impact Score: 6.9 | Exploitability Score: 3.9
VMScore: 436
Vector: AV:L/AC:L/Au:N/C:C/I:N/A:N

Vulnerability Summary

FreeBSD 8.4 before p14, 9.1 before p17, 9.2 before p10, and 10.0 before p7 does not properly initialize the buffer between the header and data of a control message, which allows local users to obtain sensitive information from kernel memory via unspecified vectors.

Vulnerable Product

freebsd freebsd 9.1

freebsd freebsd 8.4

freebsd freebsd 10.0

freebsd freebsd 9.2

Vendor Advisories

Debian Bug report logs - #766275
kfreebsd-9: CVE-2014-3711: memory leak in sandboxed namei lookup
Package: src:kfreebsd-9; Maintainer for src:kfreebsd-9 is (unknown); Reported by: Steven Chamberlain <steven@pyroeuorg>
Date: Tue, 21 Oct 2014 21:33:01 UTC
Severity: important
Tags: patch, security, upstream
Found in versio ...

Debian Bug report logs - #754236
kfreebsd-9: sockbuf CMSG kernel memory disclosure (CVE-2014-3952)
Package: src:kfreebsd-9; Maintainer for src:kfreebsd-9 is (unknown); Reported by: Steven Chamberlain <steven@pyroeuorg>
Date: Tue, 8 Jul 2014 22:45:01 UTC
Severity: important
Tags: security, upstream
Found in versions kfr ...

Several vulnerabilities have been discovered in the FreeBSD kernel that may lead to a denial of service or information disclosure.
CVE-2014-3711: Denial of service through memory leak in sandboxed namei lookups
CVE-2014-3952: Kernel memory disclosure in sockbuf control messages
CVE-2014-3953: Kernel memory disclosure in SCTP
This updat ...