Integer Overflow Vulnerability in FreeBSD
CVE-2018-6917 · MEDIUM Severity
AV:N/AC:L/AU:N/C:P/I:N/A:N
In FreeBSD before 11.1-STABLE, 11.1-RELEASE-p9, 10.4-STABLE, 10.4-RELEASE-p8 and 10.3-RELEASE-p28, insufficient validation of user-provided font parameters can result in an integer overflow, leading to the use of arbitrary kernel memory as glyph data. Unprivileged users may be able to access privileged kernel data.
Learn more about our User Device Pen Test.