CVE-2018-6917
N/A
N/A
Summary
In FreeBSD before 11.1-STABLE, 11.1-RELEASE-p9, 10.4-STABLE, 10.4-RELEASE-p8 and 10.3-RELEASE-p28, insufficient validation of user-provided font parameters can result in an integer overflow, leading to the use of arbitrary kernel memory as glyph data. Unprivileged users may be able to access privileged kernel data.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| FreeBSD | FreeBSD | All supported versions of FreeBSD. | affected |
Weaknesses
- Kernel memory disclosure
ADP Enrichment
CVE Program Container
Additional References
- https://security.FreeBSD.org/advisories/FreeBSD-SA-18:04.vt.asc
- http://www.securityfocus.com/bid/103668
- http://www.securitytracker.com/id/1040629
References
- https://security.FreeBSD.org/advisories/FreeBSD-SA-18:04.vt.asc
- http://www.securityfocus.com/bid/103668
- http://www.securitytracker.com/id/1040629
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.