FreeBSD : FreeBSD -- SCTP SCTP_SS_VALUE kernel memory corruption and disclosure (0a5cf6d8-600a-11e6-a6c3-14dae9d210b8)
Medium Nessus Plugin ID 92884
SynopsisThe remote FreeBSD host is missing one or more security-related updates.
DescriptionDue to insufficient validation of the SCTP stream ID, which serves as an array index, a local unprivileged attacker can read or write 16-bits of kernel memory. Impact : An unprivileged process can read or modify 16-bits of memory which belongs to the kernel. This may lead to exposure of sensitive information or allow privilege escalation.
SolutionUpdate the affected packages.