Kernel Memory Disclosure Vulnerability in FreeBSD's ktrace Utility

Kernel Memory Disclosure Vulnerability in FreeBSD's ktrace Utility

CVE-2014-3873 · LOW Severity

AV:L/AC:L/AU:N/C:P/I:N/A:N

The ktrace utility in the FreeBSD kernel 8.4 before p11, 9.1 before p14, 9.2 before p7, and 9.3-BETA1 before p1 uses an incorrect page fault kernel trace entry size, which allows local users to obtain sensitive information from kernel memory via a kernel process trace.

Learn more about our User Device Pen Test.