CVE-2025-0662— Uninitialized kernel memory disclosure via ktrace(2)
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2025-0662
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Uninitialized kernel memory disclosure via ktrace(2)
Source: NVD (National Vulnerability Database)
Vulnerability Description
In some cases, the ktrace facility will log the contents of kernel structures to userspace. In one such case, ktrace dumps a variable-sized sockaddr to userspace. There, the full sockaddr is copied, even when it is shorter than the full size. This can result in up to 14 uninitialized bytes of kernel memory being copied out to userspace. It is possible for an unprivileged userspace program to leak 14 bytes of a kernel heap allocation to userspace.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
堆缓冲区溢出
Source: NVD (National Vulnerability Database)
Vulnerability Title
FreeBSD ktrace 安全漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
FreeBSD ktrace是FreeBSD基金会的一个用于跟踪系统调用的工具。 FreeBSD ktrace存在安全漏洞,该漏洞源于允许未授权的用户空间程序在特定条件下泄露内核内存中的未初始化数据。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Affected Products
II. Public POCs for CVE-2025-0662
| # | POC Description | Source Link | Shenlong Link |
|---|
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2025-0662
请登录查看更多情报信息。
Same Patch Batch · FreeBSD · 2025-01-30 · 3 CVEs total
| CVE-2025-0374 | Unprivileged access to system files | |
| CVE-2025-0373 | Buffer overflow in some filesystems via NFS |
IV. Related Vulnerabilities
Same product: FreeBSD
Same vendor: FreeBSD
Same weakness: CWE-122
- CVE-2026-8261
Squirrel sqobject.cpp Load heap-based overflow - CVE-2026-8213
OSGeo gdal Grid File GDapi.c GDSDfldsrch heap-based overflow - CVE-2026-8212
OSGeo gdal SWapi.c SWSDfldsrch heap-based overflow - CVE-2026-42309
Pillow: Heap buffer overflow with nested list coordinates - CVE-2026-45130
Vim: Heap Buffer Overflow in spell file loading
V. Comments for CVE-2025-0662
No comments yet