fkie_cve-2013-6834
Vulnerability from fkie_nvd
Published
2013-11-21 04:40
Modified
2025-04-11 00:51
Severity ?
Summary
The ql_eioctl function in sys/dev/qlxgbe/ql_ioctl.c in the kernel in FreeBSD 10 and earlier does not validate a certain size parameter, which allows local users to obtain sensitive information from kernel memory via a crafted ioctl call.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:freebsd:freebsd:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A0616679-F38B-43AC-AB68-9CA1F724AE80",
"versionEndIncluding": "10.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:0.4_1:*:*:*:*:*:*:*",
"matchCriteriaId": "3A37C19D-B29E-44B3-8DEF-FA32D0B01F8A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "44EFD22E-02C9-4B80-8934-A9AC8DD858CF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B1B4D4A5-25EB-48FE-BDFD-A274CE802648",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:1.1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "C11DD743-A21D-48F4-BD55-A8A4FA960F94",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:1.1.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "C496B665-70DA-4B98-A5D1-E2935C0CE840",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "F3A037F1-98AD-47CC-8D83-B42666E1B61E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "973B0545-D595-4A82-A147-0AB28FE32E13",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F1F098C1-D09E-49B4-9B51-E84B6C4EA6CD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:2.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "63236405-1F33-43DD-ACF7-B6D9656E0987",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:2.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "34797660-41F5-4358-B70F-2A40DE48F182",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "6B3A2EBB-0359-49A7-B7F9-56EE6FD85D29",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:2.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "27C9E23D-AB82-4AE1-873E-C5493BB96AA1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:2.1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "4054D69F-596F-4EB4-BE9A-E2478343F55A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:2.1.6:*:*:*:*:*:*:*",
"matchCriteriaId": "CA26ABBE-9973-45FA-9E9B-82170B751219",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:2.1.6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "7891202C-62AF-4590-9E5F-3514FDA2B38E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:2.1.7:*:*:*:*:*:*:*",
"matchCriteriaId": "CF4F7002-A525-4A66-BE8B-E50ABBF144B2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:2.1.7.1:*:*:*:*:*:*:*",
"matchCriteriaId": "BF8F9B2F-E898-4F87-A245-32A41748587B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "183667CA-6DF1-4BFB-AE32-9ABF55B7283A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:2.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "F1156954-25AD-45BE-AE49-9705ECD5BDA2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:2.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "EBDDEC3F-52EB-4E1E-84C4-B472600059EC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:2.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "B58E02AE-38B4-466E-BF73-2F0B80AF7BA5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:2.2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "3928D5CF-6FC0-434C-8A80-ABDBF346C2C9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:2.2.5:*:*:*:*:*:*:*",
"matchCriteriaId": "314BA420-4C74-4060-8ACE-D7A7C041CF2B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:2.2.6:*:*:*:*:*:*:*",
"matchCriteriaId": "2EAD7613-A5B3-4621-B981-290C7C6B8BA0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:2.2.7:*:*:*:*:*:*:*",
"matchCriteriaId": "8ED84E66-CFD9-4DF8-9679-13457D340D54",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:2.2.8:*:*:*:*:*:*:*",
"matchCriteriaId": "D1CA3337-9BEE-49C5-9EDE-8CDBE5580537",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EE38C50A-81FE-412E-9717-3672FAE6A6F4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "263F3734-7076-4EA8-B4C0-F37CFC4E979E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "0419DD66-FF66-48BC-AD3B-F6AFD0551E36",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "C3518628-08E5-4AD7-AAF6-A4E38F1CDE2C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:3.4:*:*:*:*:*:*:*",
"matchCriteriaId": "B982342C-1981-4C55-8044-AFE4D87623DF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:3.5:*:*:*:*:*:*:*",
"matchCriteriaId": "47E02BE6-4800-4940-B269-385B66AC5077",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:3.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "7C283AD7-1C58-4CE8-A6CD-502FFE0B18BB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D0A585A1-FF82-418F-90F8-072458DB7816",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "AE31DFF8-06AB-489D-A0C5-509C090283B5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:4.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "3BE1E3D8-2BB1-4FFA-9BC9-7AF347D26190",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "DF49BF03-C25E-4737-84D5-892895C86C58",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:4.3:*:*:*:*:*:*:*",
"matchCriteriaId": "D2019E0E-426B-43AF-8904-1B811AE171E8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:4.4:*:*:*:*:*:*:*",
"matchCriteriaId": "55C5FC1A-1253-4390-A4FC-573BB14EA937",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:4.5:*:*:*:*:*:*:*",
"matchCriteriaId": "44308D13-D935-4FF8-AB52-F0E115ED1AD2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:4.6:*:*:*:*:*:*:*",
"matchCriteriaId": "9C001822-FDF8-497C-AC2C-B59A00E9ACD2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:4.6.2:*:*:*:*:*:*:*",
"matchCriteriaId": "4AB4AD26-6AF2-4F3A-B602-F231FAABA73E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:4.7:*:*:*:*:*:*:*",
"matchCriteriaId": "B86C77AB-B8FF-4376-9B4E-C88417396F3D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:4.8:*:*:*:*:*:*:*",
"matchCriteriaId": "441BE3A0-20F4-4972-B279-19B3DB5FA14D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:4.9:*:*:*:*:*:*:*",
"matchCriteriaId": "00EAEA17-033A-4A50-8E39-D61154876D2F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:4.10:*:*:*:*:*:*:*",
"matchCriteriaId": "9FFD9D1C-A459-47AD-BC62-15631417A32F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:4.11:*:*:*:*:*:*:*",
"matchCriteriaId": "582B9BF3-5BF1-44A3-A580-62F2D44FDD34",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "61EBA52A-2D8B-4FB5-866E-AE67CE1842E7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "4EE93350-92E6-4F5C-A14C-9993CFFDBCD4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:5.2:*:*:*:*:*:*:*",
"matchCriteriaId": "DD7C441E-444B-4DF5-8491-86805C70FB99",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:5.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "BAD73CDB-94C5-4DBF-8B4C-DD3E4E399445",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:5.3:*:*:*:*:*:*:*",
"matchCriteriaId": "D8A80E6A-6502-4A33-83BA-7DCC606D79AA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:5.4:*:*:*:*:*:*:*",
"matchCriteriaId": "AD85B1ED-1473-4C22-9E1E-53F07CF517E9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:5.5:*:*:*:*:*:*:*",
"matchCriteriaId": "7752D43D-64AF-474F-BFBB-2625A29C1B88",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "1D2C79D5-D27F-4B08-A8DF-3E3AAF4E16A5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "F4416CBA-76B9-4051-B015-F1BE89517309",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:6.2:*:*:*:*:*:*:*",
"matchCriteriaId": "9118B602-3FB6-4701-AC09-763DD48334BA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:6.3:*:*:*:*:*:*:*",
"matchCriteriaId": "F702C46F-CA02-4FA2-B7D6-C61C2C095679",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:6.4:*:*:*:*:*:*:*",
"matchCriteriaId": "A4F7F02A-C845-40BF-8490-510A070000F3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "47E0A416-733A-4616-AE08-150D67FCEA70",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:7.1:*:*:*:*:*:*:*",
"matchCriteriaId": "803EFA9F-B7CB-4511-B1C1-381170CA9A23",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:7.2:*:*:*:*:*:*:*",
"matchCriteriaId": "F948527C-A01E-4315-80B6-47FACE18A34F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:7.3:*:*:*:*:*:*:*",
"matchCriteriaId": "1F25FB59-1E4F-4420-8482-8007FF5E2411",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:7.4:*:*:*:*:*:*:*",
"matchCriteriaId": "0C94B745-BD27-423D-BBB6-A821CD9BC1C4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "3CF1F9EF-01AF-4708-AE02-765360AF3D66",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:8.1:*:*:*:*:*:*:*",
"matchCriteriaId": "9899C87E-2C09-46AE-BC24-1ACF012784CA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:8.2:*:*:*:*:*:*:*",
"matchCriteriaId": "DD5ECA1A-D9B4-4ED7-95EC-684E7AA2B765",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:8.3:*:*:*:*:*:*:*",
"matchCriteriaId": "30C501A1-FE2D-41E7-A5DB-C61D8701B9B4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:8.4:*:*:*:*:*:*:*",
"matchCriteriaId": "5DB4C0E8-8E50-44B1-BE0C-4C261D9E9730",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E6BD5BFF-260A-4A9E-B0AA-C8B8386B154E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:9.1:*:*:*:*:*:*:*",
"matchCriteriaId": "D78E559A-430D-4D50-8A83-58A37D393471",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:9.2:*:*:*:*:*:*:*",
"matchCriteriaId": "2C560926-7789-4052-819D-C36C43C9C61E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The ql_eioctl function in sys/dev/qlxgbe/ql_ioctl.c in the kernel in FreeBSD 10 and earlier does not validate a certain size parameter, which allows local users to obtain sensitive information from kernel memory via a crafted ioctl call."
},
{
"lang": "es",
"value": "La funci\u00f3n ql_eioctl en el archivo sys/dev/qlxgbe/ql_ioctl.c en el kernel en FreeBSD versi\u00f3n 10 y anteriores, no comprueba un par\u00e1metro de tama\u00f1o determinado, lo que permite a usuarios locales obtener informaci\u00f3n confidencial de la memoria del kernel por medio de una llamada ioctl dise\u00f1ada."
}
],
"id": "CVE-2013-6834",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.9,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "NONE",
"vectorString": "AV:L/AC:L/Au:N/C:C/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 6.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2013-11-21T04:40:59.220",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Patch"
],
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2013-11/0107.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Patch"
],
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2013-11/0107.html"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…
Loading…