CVE-2014-3953

NameCVE-2014-3953
DescriptionFreeBSD 8.4 before p14, 9.1 before p17, 9.2 before p10, and 10.0 before p7 does not properly initialize certain data structures, which allows local users to obtain sensitive information from kernel memory via a (1) SCTP_SNDRCV, (2) SCTP_EXTRCV, or (3) SCTP_RCVINFO SCTP cmsg or a (4) SCTP_PEER_ADDR_CHANGE, (5) SCTP_REMOTE_ERROR, or (6) SCTP_AUTHENTICATION_EVENT notification.
SourceCVE (at NVD; CERT, LWN, oss-sec, fulldisc, bugtraq, EDB, Metasploit, Red Hat, Ubuntu, Gentoo, SuSE, Mageia, GitHub code/issues, web search, more)
ReferencesDSA-3070-1
NVD severitymedium (attack range: local)
Debian Bugs754237

Vulnerable and fixed packages

The table below lists information on source packages.

Source PackageReleaseVersionStatus
kfreebsd-10 (PTS)jessie10.1~svn274115-4fixed
sid, stretch10.3~svn300087-3fixed
kfreebsd-8 (PTS)wheezy8.3-6+deb7u1vulnerable
kfreebsd-9 (PTS)wheezy, wheezy (security)9.0-10+deb70.10fixed

The information below is based on the following data on fixed versions.

PackageTypeReleaseFixed VersionUrgencyOriginDebian Bugs
kfreebsd-10source(unstable)10.1~svn272463-1medium
kfreebsd-8source(unstable)(unfixed)medium
kfreebsd-8sourcesqueeze(unfixed)end-of-life
kfreebsd-9source(unstable)(unfixed)medium754237
kfreebsd-9sourcewheezy9.0-10+deb70.8mediumDSA-3070-1

Notes

[wheezy] - kfreebsd-8 <no-dsa> (kfreebsd-8 only a test kernel, will be fixed in a point update)
[squeeze] - kfreebsd-8 <end-of-life> (Unsupported in squeeze-lts)

Search for package or bug name: Reporting problems