← back
CVE-2018-6917

CVE-2018-6917

EPSS 2.0%
In FreeBSD before 11.1-STABLE, 11.1-RELEASE-p9, 10.4-STABLE, 10.4-RELEASE-p8 and 10.3-RELEASE-p28, insufficient validation of user-provided font parameters can result in an integer overflow, leading to the use of arbitrary kernel memory as glyph data. Unprivileged users may be able to access privileged kernel data.
Affected products
FreeBSD · FreeBSD

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://security.FreeBSD.org/advisories/FreeBSD-SA-18:04.vt.aschttp://www.securityfocus.com/bid/103668http://www.securitytracker.com/id/1040629