Overview
- Description
- In FreeBSD before 11.2-STABLE(r338986), 11.2-RELEASE-p4, 11.1-RELEASE-p15, 10.4-STABLE(r338985), and 10.4-RELEASE-p13, due to improper maintenance of IPv6 protocol control block flags through various failure paths, an unprivileged authenticated local user may be able to cause a NULL pointer dereference causing the kernel to crash.
- Source
- secteam@freebsd.org
- NVD status
- Modified
Risk scores
CVSS 3.0
- Type
- Primary
- Base score
- 5.5
- Impact score
- 3.6
- Exploitability score
- 1.8
- Vector string
- CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
- Severity
- MEDIUM
CVSS 2.0
- Type
- Primary
- Base score
- 4.9
- Impact score
- 6.9
- Exploitability score
- 3.9
- Vector string
- AV:L/AC:L/Au:N/C:N/I:N/A:C
Weaknesses
- nvd@nist.gov
- CWE-476
Social media
- Hype score
- Not currently trending
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:freebsd:freebsd:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "B7354D16-6431-43C2-97BA-EBBF482572C9",
"versionEndExcluding": "11.2"
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:10.4:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "BD5B9266-A927-4F62-8742-721CE9A4C4C4"
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:10.4:p13:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "86FDD601-4F89-4CA3-BE1A-54EA02DAC008"
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:11.1:p15:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "17D3DDDC-07B4-43ED-8E0B-FF2D293B0EE1"
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:11.2:p4:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "22365F7C-2B00-4B61-84E8-EFBA3B8CFDC0"
}
],
"operator": "OR"
}
]
}
]