FreeBSD : FreeBSD -- ktrace kernel memory disclosure (6e04048b-6007-11e6-a6c3-14dae9d210b8)
Low Nessus Plugin ID 92902
SynopsisThe remote FreeBSD host is missing one or more security-related updates.
DescriptionDue to an overlooked merge to -STABLE branches, the size for page fault kernel trace entries was set incorrectly. Impact : A user who can enable kernel process tracing could end up reading the contents of kernel memory.
Such memory might contain sensitive information, such as portions of the file cache or terminal buffers. This information might be directly useful, or it might be leveraged to obtain elevated privileges in some way; for example, a terminal buffer might include a user-entered password.
SolutionUpdate the affected packages.