Vulnerabilities > CVE-2018-17154 - NULL Pointer Dereference vulnerability in Freebsd

047910
CVSS 5.5 - MEDIUM
Attack vector
LOCAL
Attack complexity
LOW
Privileges required
LOW
Confidentiality impact
NONE
Integrity impact
NONE
Availability impact
HIGH
local
low complexity
freebsd
CWE-476

Summary

In FreeBSD before 11.2-STABLE(r338987), 11.2-RELEASE-p4, and 11.1-RELEASE-p15, due to insufficient memory checking in the freebsd4_getfsstat system call, a NULL pointer dereference can occur. Unprivileged authenticated local users may be able to cause a denial of service.

Vulnerable Configurations

Part Description Count
OS
Freebsd
813

Common Weakness Enumeration (CWE)