cbcvebase.
CVE-2014-0998
published 2015-02-02

CVE-2014-0998: Integer signedness error in the vt console driver (formerly Newcons) in FreeBSD 9.3 before p10 and 10.1 before p6 allows local users to cause a denial of…

PriorityP431high7.2CVSS 2.0
AVLACLAuNCCICAC
EXPLOIT
EPSS
0.92%
55.9th percentile
Integer signedness error in the vt console driver (formerly Newcons) in FreeBSD 9.3 before p10 and 10.1 before p6 allows local users to cause a denial of service (crash) and possibly gain privileges via a negative value in a VT_WAITACTIVE ioctl call, which triggers an array index error and out-of-bounds kernel memory access.

Affected

1 ranges
VendorProductVersion rangeFixed in
freebsdfreebsd
CVEs like this are exactly what “Exploited This Week” covers.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.