FreeBSD : FreeBSD -- ktrace kernel memory disclosure (6e04048b-6007-11e6-a6c3-14dae9d210b8)

Low Nessus Plugin ID 92902


The remote FreeBSD host is missing one or more security-related updates.


Due to an overlooked merge to -STABLE branches, the size for page fault kernel trace entries was set incorrectly. Impact : A user who can enable kernel process tracing could end up reading the contents of kernel memory.

Such memory might contain sensitive information, such as portions of the file cache or terminal buffers. This information might be directly useful, or it might be leveraged to obtain elevated privileges in some way; for example, a terminal buffer might include a user-entered password.


Update the affected packages.

See Also

Plugin Details

Severity: Low

ID: 92902

File Name: freebsd_pkg_6e04048b600711e6a6c314dae9d210b8.nasl

Version: $Revision: 2.1 $

Type: local

Published: 2016/08/12

Modified: 2016/08/12

Dependencies: 12634

Risk Information

Risk Factor: Low


Base Score: 2.1

Temporal Score: 1.8

Vector: CVSS2#AV:L/AC:L/Au:N/C:P/I:N/A:N

Temporal Vector: CVSS2#E:ND/RL:OF/RC:C

Vulnerability Information

CPE: p-cpe:/a:freebsd:freebsd:FreeBSD-kernel, cpe:/o:freebsd:freebsd

Required KB Items: Host/local_checks_enabled, Host/FreeBSD/release, Host/FreeBSD/pkg_info, Settings/ParanoidReport

Exploit Available: false

Exploit Ease: No known exploits are available

Patch Publication Date: 2016/08/11

Vulnerability Publication Date: 2014/06/03

Reference Information

CVE: CVE-2014-3873

BID: 67812

FreeBSD: SA-14:12.ktrace