CVE-2024-25941
LOWDescription
The jail(2) system call has not limited a visiblity of allocated TTYs (the kern.ttys sysctl). This gives rise to an information leak about processes outside the current jail. Attacker can get information about TTYs allocated on the host or in other jails. Effectively, the information printed by "pstat -t" may be leaked.
CVSS v3.1 Score
Affected Products
| Vendor | Product |
|---|---|
| freebsd | freebsd |
| freebsd | freebsd |
| freebsd | freebsd |
| freebsd | freebsd |
| freebsd | freebsd |
| freebsd | freebsd |
| freebsd | freebsd |
| freebsd | freebsd |
| freebsd | freebsd |
| freebsd | freebsd |
| freebsd | freebsd |
| freebsd | freebsd |
| freebsd | freebsd |
| freebsd | freebsd |
| freebsd | freebsd |
| freebsd | freebsd |
| freebsd | freebsd |
References
Frequently Asked Questions
What is CVE-2024-25941? +
How severe is CVE-2024-25941? +
What products are affected by CVE-2024-25941? +
How do I check if I'm vulnerable to CVE-2024-25941? +
Related Vulnerabilities
Concurrent removals of certain anonymous shared memory mappings by using the UMTX_SHM_DESTROY sub-request of UMTX_OP_SHM can lead to decreasing the …
NFS in a BSD derived codebase, as used in OpenBSD through 7.4 and FreeBSD through 14.0-RELEASE, allows remote attackers to …
The 802.11 beacon handling routine failed to validate the length of an IEEE 802.11s Mesh ID before copying it to …
The e1000 network adapters permit a variety of modifications to an Ethernet packet when it is being transmitted. These include …
libcasper(3) communicates with helper processes via UNIX domain sockets, and uses the select(2) system call to wait for data to …
The implementation of lib9p's handling of RWALK messages was missing a bounds check needed when unpacking the message contents. The …