Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
In FreeBSD before 11.1-STABLE, 11.1-RELEASE-p4, 11.0-RELEASE-p15, 10.4-STABLE, 10.4-RELEASE-p3, and 10.3-RELEASE-p24, not all information in the struct ptrace_lwpinfo is relevant for the state of any thread, and the kernel does not fill the irrelevant bytes or short strings. Since the structure filled by the kernel is allocated on the kernel stack and copied to userspace, a leak of information of the kernel stack of the thread is possible from the debugger. As a result, some bytes from the kernel stack of the thread using ptrace (PT_LWPINFO) call can be observed in userspace.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
FreeBSD 安全漏洞
Vulnerability Description
FreeBSD是由Core Team团队负责的FreeBSD项目中的一套类Unix自由操作系统,是经过BSD、386BSD和4.4BSD发展而来的类Unix的一个重要分支。 FreeBSD中存在安全漏洞。攻击者可利用该漏洞获取线程的内核栈信息。以下版本受到影响:FreeBSD 11.1-STABLE之前的版本,11.1-RELEASE-p4之前的版本,11.0-RELEASE-p15之前的版本,10.4-STABLE之前的版本,10.4-RELEASE-p3之前的版本,10.3-RELEASE-p24之前
CVSS Information
N/A
Vulnerability Type
N/A