FreeBSD 5.x to 5.4 on AMD64 does not properly initialize the IO permission bitmap used to allow user access to certain hardware, which allows local users to bypass intended access restrictions to cause a denial of service, obtain sensitive information, and possibly gain privileges.

Threat-Mapped Scoring

Score: 3.1

Priority: P2 - Serious (High)

• S1 – Steal Customer Account Information
• S10 – Denial of Service (+0.1 bonus)

EPSS

Score: 0.00088
Percentile: 0.26231

CVSS Scoring

Mapped CWE(s)

• CWE-909 : Missing Initialization of Resource

Affected Products

• cpe:2.3:o:freebsd:freebsd:*:*:*:*:*:*:*:*

← Back to Home