- Description
- kernfs_xread in kernfs_vnops.c in NetBSD before 20050831 does not check for a negative offset when reading the message buffer, which allows local users to read arbitrary kernel memory.
- Source
- cve@mitre.org
- NVD status
- Deferred
CVSS 2.0
- Type
- Primary
- Base score
- 2.1
- Impact score
- 2.9
- Exploitability score
- 3.9
- Vector string
- AV:L/AC:L/Au:N/C:P/I:N/A:N
- Hype score
- Not currently trending
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.6:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "28A10F5A-067E-4DD8-B585-ABCD6F6B324E"
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:2.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "A3C3F588-98DA-4F6F-A083-2B9EE534C561"
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:2.0.3:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "6CFC6B75-9057-4E58-A4D4-8AEC12AE62E4"
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:2.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "28BD9F91-2384-4557-9648-25FC00D04677"
}
],
"operator": "OR"
}
]
}
]