The bsdinstall installer in FreeBSD 10.x prior to 10.1 p9, when configuring full disk encrypted ZFS, uses world-readable permissions for the GELI keyfile (/boot/encryption.key), which allows local users to obtain sensitive key information by reading the file.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
freebsd freebsd 10.0 |
||
freebsd freebsd |
||
freebsd freebsd 10.1 |