Kernel Memory Leak in FreeBSD ktrace Facility
CVE-2025-0662
4.9MEDIUM
What is CVE-2025-0662?
The ktrace facility in FreeBSD has a memory leak vulnerability that allows unprivileged userspace programs to expose kernel memory details. Specifically, it logs the contents of kernel structures and, in certain scenarios, dumps a variable-sized sockaddr to userspace. This leads to the unintended copying of up to 14 uninitialized bytes of kernel heap memory to userspace, potentially allowing attackers to gain insights into sensitive memory contents.
Affected Version(s)
FreeBSD 14.2-RELEASE