#VU40917 Input validation error in FreeBSD - CVE-2014-0998
Published: February 2, 2015 / Updated: August 9, 2020
Vulnerability identifier: #VU40917
Vulnerability risk: High
CVSSv4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P/U:Amber
CVE-ID: CVE-2014-0998
CWE-ID: CWE-20
Exploitation vector: Remote access
Exploit availability:
Public exploit is available
Vulnerable software:
FreeBSD
FreeBSD
Software vendor:
FreeBSD Foundation
FreeBSD Foundation
Description
The vulnerability allows a remote non-authenticated attacker to execute arbitrary code.
Integer signedness error in the vt console driver (formerly Newcons) in FreeBSD 9.3 before p10 and 10.1 before p6 allows local users to cause a denial of service (crash) and possibly gain privileges via a negative value in a VT_WAITACTIVE ioctl call, which triggers an array index error and out-of-bounds kernel memory access.
Remediation
Install update from vendor's website.