pfSense 2.3.x < 2.3.5-p2 / 2.4.x < 2.4.3-p1 Multiple Vulnerabilities (SA-18_04 / SA-18_05)
High Nessus Plugin ID 119886
SynopsisThe remote firewall host is affected by multiple vulnerabilities.
DescriptionAccording to its self-reported version number, the remote pfSense install is a version 2.3.x prior to 2.3.5-p2 or 2.4.x prior to 2.4.3-p1. It is, therefore, affected by multiple vulnerabilities:
- In FreeBSD before 11.1-STABLE(r332066) and 11.1-RELEASE-p10, due to insufficient initialization of memory copied to userland in the network subsystem, small amounts of kernel memory may be disclosed to userland processes. Unprivileged authenticated local users may be able to access small amounts of privileged kernel data. (CVE-2018-6921)
- A statement in the System Programming Guide of the Intel 64 and IA-32 Architectures Software Developer's Manual (SDM) was mishandled in the development of some or all operating-system kernels, resulting in unexpected behavior for #DB exceptions that could lead to local privilege escalation. (CVE-2018-8897)
SolutionUpgrade to pfSense version 2.3.5-p2 / 2.4.3-p1 or later.