CVE-2014-3953

NameCVE-2014-3953
DescriptionFreeBSD 8.4 before p14, 9.1 before p17, 9.2 before p10, and 10.0 before p7 does not properly initialize certain data structures, which allows local users to obtain sensitive information from kernel memory via a (1) SCTP_SNDRCV, (2) SCTP_EXTRCV, or (3) SCTP_RCVINFO SCTP cmsg or a (4) SCTP_PEER_ADDR_CHANGE, (5) SCTP_REMOTE_ERROR, or (6) SCTP_AUTHENTICATION_EVENT notification.
SourceCVE (at NVD; CERT, LWN, oss-sec, fulldisc, bugtraq, EDB, Metasploit, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, Mageia, GitHub code/issues, web search, more)
ReferencesDSA-3070-1
NVD severitymedium
Debian Bugs754237

Vulnerable and fixed packages

The table below lists information on source packages.

Source PackageReleaseVersionStatus
kfreebsd-10 (PTS)jessie10.1~svn274115-4fixed
stretch10.3~svn300087-3fixed
buster10.3~svn300087-5fixed
bullseye, sid10.3~svn300087+ds1-1fixed

The information below is based on the following data on fixed versions.

PackageTypeReleaseFixed VersionUrgencyOriginDebian Bugs
kfreebsd-10source(unstable)10.1~svn272463-1
kfreebsd-8source(unstable)(unfixed)
kfreebsd-8sourcesqueeze(unfixed)end-of-life
kfreebsd-9source(unstable)(unfixed)754237
kfreebsd-9sourcewheezy9.0-10+deb70.8DSA-3070-1

Notes

[wheezy] - kfreebsd-8 <no-dsa> (kfreebsd-8 only a test kernel, will be fixed in a point update)
[squeeze] - kfreebsd-8 <end-of-life> (Unsupported in squeeze-lts)

Search for package or bug name: Reporting problems