OpenBSD Kernel Multicast Routing Uninitialized Memory Information Disclosure Vulnerability. This vulnerability allows local attackers to disclose sensitive information on affected installations of OpenBSD Kernel. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.
The specific flaw exists within the implementation of multicast routing. The issue results from the lack of proper initialization of memory prior to accessing it. An attacker can leverage this in conjunction with other vulnerabilities to escalate privileges and execute arbitrary code in the context of the kernel.
. Was ZDI-CAN-14540.
Metrics
Affected Vendors & Products
References
Link | Providers |
---|---|
https://www.zerodayinitiative.com/advisories/ZDI-22-073/ |
History
Thu, 19 Sep 2024 02:30:00 +0000
Type | Values Removed | Values Added |
---|---|---|
First Time appeared |
Openbsd
Openbsd openbsd |
|
CPEs | cpe:2.3:o:openbsd:openbsd:*:*:*:*:*:*:*:* | |
Vendors & Products |
Openbsd
Openbsd openbsd |
|
Metrics |
ssvc
|
Wed, 18 Sep 2024 18:30:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Description | OpenBSD Kernel Multicast Routing Uninitialized Memory Information Disclosure Vulnerability. This vulnerability allows local attackers to disclose sensitive information on affected installations of OpenBSD Kernel. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the implementation of multicast routing. The issue results from the lack of proper initialization of memory prior to accessing it. An attacker can leverage this in conjunction with other vulnerabilities to escalate privileges and execute arbitrary code in the context of the kernel. Was ZDI-CAN-14540. | OpenBSD Kernel Multicast Routing Uninitialized Memory Information Disclosure Vulnerability. This vulnerability allows local attackers to disclose sensitive information on affected installations of OpenBSD Kernel. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the implementation of multicast routing. The issue results from the lack of proper initialization of memory prior to accessing it. An attacker can leverage this in conjunction with other vulnerabilities to escalate privileges and execute arbitrary code in the context of the kernel. . Was ZDI-CAN-14540. |
MITRE
Status: PUBLISHED
Assigner: zdi
Published: 2024-05-07T22:54:51.785Z
Updated: 2024-09-18T18:19:31.677Z
Reserved: 2021-06-17T19:27:05.669Z
Link: CVE-2021-34999
Vulnrichment
Updated: 2024-08-04T00:26:55.938Z
NVD
Status : Awaiting Analysis
Published: 2024-05-07T23:15:13.750
Modified: 2024-11-21T06:11:40.303
Link: CVE-2021-34999
Redhat
No data.