vulnerability
FreeBSD: VID-a5cf3ecd-38db-11e8-8b7f-a4badb2f469b (CVE-2018-6917): FreeBSD -- vt console memory disclosure
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 5 | (AV:N/AC:L/Au:N/C:P/I:N/A:N) | Apr 5, 2018 | Apr 6, 2018 | Dec 10, 2025 |
Severity
5
CVSS
(AV:N/AC:L/Au:N/C:P/I:N/A:N)
Published
Apr 5, 2018
Added
Apr 6, 2018
Modified
Dec 10, 2025
Description
Problem Description: Insufficient validation of user-provided font parameters can result in an integer overflow, leading to the use of arbitrary kernel memory as glyph data. Characters that reference this data can be displayed on the screen, effectively disclosing kernel memory. Impact: Unprivileged users may be able to access privileged kernel data. Such memory might contain sensitive information, such as portions of the file cache or terminal buffers. This information might be directly useful, or it might be leveraged to obtain elevated privileges in some way; for example, a terminal buffer might include a user-entered password.
Solutions
freebsd-upgrade-base-11_1-release-p9freebsd-upgrade-base-10_4-release-p8freebsd-upgrade-base-10_3-release-p29
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.