CVE-2014-8476 (retired)

Priority
Description
The setlogin function in FreeBSD 8.4 through 10.1-RC4 does not initialize
the buffer used to store the login name, which allows local users to obtain
sensitive information from kernel memory via a call to getlogin, which
returns the entire buffer.
Notes
Package
Upstream:released (8.4-RELEASE-p19)
Patches:
Upstream:http://security.FreeBSD.org/patches/SA-14:25/setlogin.patch
More Information

Updated: 2019-10-09 07:51:18 UTC (commit 33aea848a182c0afcd0a3f927a01a7ecd9a061ee)