Back to search
CVE-2016-1886
Published: May 25, 2016
Modified: Aug 5, 2024
PUBLISHED
Description
Integer signedness error in the genkbd_commonioctl function in sys/dev/kbd/kbd.c in FreeBSD 9.3 before p42, 10.1 before p34, 10.2 before p17, and 10.3 before p3 allows local users to obtain sensitive information from kernel memory, cause a denial of service (memory overwrite and kernel crash), or gain privileges via a negative value in the flen structure member in the arg argument in a SETFKEY ioctl call, which triggers a "two way heap and stack overflow."
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
1035905
vdb-entry
x_refsource_SECTRACK
90734
vdb-entry
x_refsource_BID
FreeBSD-SA-16:18
vendor-advisory
x_refsource_FREEBSD
https://security.FreeBSD.org/patches/SA-16:18/atkbd.patch
x_refsource_CONFIRM
http://cturt.github.io/SETFKEY.html
x_refsource_MISC
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now