Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
The qls_eioctl function in sys/dev/qlxge/qls_ioctl.c in the kernel in FreeBSD 10 and earlier does not validate a certain size parameter, which allows local users to obtain sensitive information from kernel memory via a crafted ioctl call.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
FreeBSD ‘qls_eioctl’函数输入验证漏洞
Vulnerability Description
FreeBSD是由Core Team团队负责的FreeBSD项目中的一套类Unix自由操作系统,是经过BSD、386BSD和4.4BSD发展而来的类Unix的一个重要分支。 FreeBSD 10及之前的版本中的ys/dev/qlxge/qls_ioctl.c文件中的‘qls_eioctl’函数存在安全漏洞,该漏洞源于程序没有验证‘size’参数。本地攻击者可通过特制的ioctl调用利用该漏洞获取内核内存中的敏感信息。
CVSS Information
N/A
Vulnerability Type
N/A