CVE-2025-0662

{"id": "CVE-2025-0662", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 4.9, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "HIGH", "confidentialityImpact": "HIGH"}, "impactScore": 3.6, "exploitabilityScore": 1.2}]}, "published": "2025-01-30T05:15:10.653", "references": [{"url": "https://security.freebsd.org/advisories/FreeBSD-SA-25:04.ktrace.asc", "source": "secteam@freebsd.org"}, {"url": "https://security.netapp.com/advisory/ntap-20250207-0006/", "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Awaiting Analysis", "weaknesses": [{"type": "Secondary", "source": "secteam@freebsd.org", "description": [{"lang": "en", "value": "CWE-122"}]}], "descriptions": [{"lang": "en", "value": "In some cases, the ktrace facility will log the contents of kernel structures to userspace. In one such case, ktrace dumps a variable-sized sockaddr to userspace. There, the full sockaddr is copied, even when it is shorter than the full size. This can result in up to 14 uninitialized bytes of kernel memory being copied out to userspace.\n\nIt is possible for an unprivileged userspace program to leak 14 bytes of a kernel heap allocation to userspace."}, {"lang": "es", "value": "En algunos casos, la funci\u00f3n ktrace registra el contenido de las estructuras del n\u00facleo en el espacio de usuario. En uno de esos casos, ktrace env\u00eda una direcci\u00f3n sockaddr de tama\u00f1o variable al espacio de usuario. All\u00ed, se copia la direcci\u00f3n sockaddr completa, incluso cuando es m\u00e1s corta que el tama\u00f1o completo. Esto puede provocar que se copien al espacio de usuario hasta 14 bytes no inicializados de memoria del n\u00facleo. Es posible que un programa de espacio de usuario sin privilegios filtre 14 bytes de una asignaci\u00f3n de mont\u00f3n del n\u00facleo al espacio de usuario."}], "lastModified": "2025-02-07T17:15:31.157", "sourceIdentifier": "secteam@freebsd.org"}