CVE-2018-6917

In FreeBSD before 11.1-STABLE, 11.1-RELEASE-p9, 10.4-STABLE, 10.4-RELEASE-p8 and 10.3-RELEASE-p28, insufficient validation of user-provided font parameters can result in an integer overflow, leading to the use of arbitrary kernel memory as glyph data. Unprivileged users may be able to access privileged kernel data.
References
Link Resource
https://security.FreeBSD.org/advisories/FreeBSD-SA-18:04.vt.asc Vendor Advisory
http://www.securitytracker.com/id/1040629 Third Party Advisory VDB Entry
http://www.securityfocus.com/bid/103668 Third Party Advisory VDB Entry
Configurations

Configuration 1

cpe:2.3:o:freebsd:freebsd:*:*:*:*:*:*:*:*
cpe:2.3:o:freebsd:freebsd:*:*:*:*:*:*:*:*

Information

Published : 2018-04-04 02:29

Updated : 2018-05-24 06:02


NVD link : CVE-2018-6917

Mitre link : CVE-2018-6917

Products Affected
No products.
CWE