FreeBSD : FreeBSD -- Mishandling of x86 debug exceptions (521ce804-52fd-11e8-9123-a4badb2f4699)
High Nessus Plugin ID 109625
SynopsisThe remote FreeBSD host is missing one or more security-related updates.
DescriptionThe MOV SS and POP SS instructions inhibit debug exceptions until the instruction boundary following the next instruction. If that instruction is a system call or similar instruction that transfers control to the operating system, the debug exception will be handled in the kernel context instead of the user context. Impact : An authenticated local attacker may be able to read sensitive data in kernel memory, control low-level operating system functions, or may panic the system.
SolutionUpdate the affected packages.