DescriptionThe Linux compatibility layer in the kernel in FreeBSD 9.3, 10.1, and 10.2 allows local users to read portions of kernel memory and potentially gain privilege via unspecified vectors, related to "handling of Linux futex robust lists."
SourceCVE (at NVD; CERT, LWN, oss-sec, fulldisc, bugtraq, EDB, Metasploit, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, Mageia, GitHub code/issues, web search, more)
NVD severityhigh (attack range: local)
Debian Bugs811278

Vulnerable and fixed packages

The table below lists information on source packages.

Source PackageReleaseVersionStatus
kfreebsd-10 (PTS)jessie10.1~svn274115-4vulnerable
sid, stretch10.3~svn300087-3fixed
kfreebsd-9 (PTS)wheezy, wheezy (security)9.0-10+deb70.10vulnerable

The information below is based on the following data on fixed versions.

PackageTypeReleaseFixed VersionUrgencyOriginDebian Bugs


kfreebsd not covered by security support in Jessie
[wheezy] - kfreebsd-9 <end-of-life> (Unsupported in wheezy-lts)

Search for package or bug name: Reporting problems