VDB
CVE-2025-0662
CVE-2025-0662
PUBLISHED
Es existiert eine Schwachstelle in FreeBSD Project FreeBSD OS. Das ktrace(2)-Modul ermöglicht das Schreiben von bis zu 14 Bytes nicht initialisierten Kernelspeichers in den Userspace. Ein lokaler Angreifer kann dadurch Benutzerinformationen auslesen.
EPSS 0.10% · 27.4th percentile
Risk Scores
EPSS Score
0.10%
27.4th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| FreeBSD Project | FreeBSD Project FreeBSD OS <13.4-STABLE | |
| FreeBSD Project | FreeBSD Project FreeBSD OS <14.2-STABLE |
Timeline
- Jan 29, 2025 CVE Published
- Jan 30, 2025 EPSS Score
- Feb 12, 2025 Coalition ESS Score
- Feb 14, 2025 EPSS Score
- Mar 1, 2025 EPSS Score
- Mar 16, 2025 EPSS Score
- Mar 31, 2025 EPSS Score
- Apr 15, 2025 EPSS Score
- Apr 30, 2025 EPSS Score
- May 15, 2025 EPSS Score
- May 30, 2025 EPSS Score
- Jun 14, 2025 EPSS Score
References
- https://wid.cert-bund.de/.well-known/csaf/white/2025/wid-sec-w-2025-0224.json advisory
- https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2025-0224 advisory
- https://security.FreeBSD.org/advisories/FreeBSD-SA-25:02.fs.asc advisory
- https://security.FreeBSD.org/advisories/FreeBSD-SA-25:03.etcupdate.asc advisory
- https://security.freebsd.org/advisories/FreeBSD-SA-25:04.ktrace.asc advisory