Back to search
CVE-2018-6917
Published: Apr 4, 2018
Modified: Sep 17, 2024
PUBLISHED
Description
In FreeBSD before 11.1-STABLE, 11.1-RELEASE-p9, 10.4-STABLE, 10.4-RELEASE-p8 and 10.3-RELEASE-p28, insufficient validation of user-provided font parameters can result in an integer overflow, leading to the use of arbitrary kernel memory as glyph data. Unprivileged users may be able to access privileged kernel data.
| Vendor | Product | Versions |
|---|---|---|
FreeBSD | FreeBSD | affected All supported versions of FreeBSD. |
References
FreeBSD-SA-18:04
vendor-advisory
x_refsource_FREEBSD
103668
vdb-entry
x_refsource_BID
1040629
vdb-entry
x_refsource_SECTRACK
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now