Unrated severityNVD Advisory· Published May 6, 2005· Updated Apr 16, 2026
CVE-2005-1406
CVE-2005-1406
Description
The kernel in FreeBSD 4.x to 4.11 and 5.x to 5.4 does not properly clear certain fixed-length buffers when copying variable-length data for use by applications, which could allow those applications to read previously used sensitive memory.
Affected products
16cpe:2.3:o:freebsd:freebsd:4.1:*:*:*:*:*:*:*+ 15 more
- cpe:2.3:o:freebsd:freebsd:4.1:*:*:*:*:*:*:*
- cpe:2.3:o:freebsd:freebsd:4.10:*:*:*:*:*:*:*
- cpe:2.3:o:freebsd:freebsd:4.11:*:*:*:*:*:*:*
- cpe:2.3:o:freebsd:freebsd:4.2:*:*:*:*:*:*:*
- cpe:2.3:o:freebsd:freebsd:4.3:*:*:*:*:*:*:*
- cpe:2.3:o:freebsd:freebsd:4.4:*:*:*:*:*:*:*
- cpe:2.3:o:freebsd:freebsd:4.5:*:*:*:*:*:*:*
- cpe:2.3:o:freebsd:freebsd:4.6:*:*:*:*:*:*:*
- cpe:2.3:o:freebsd:freebsd:4.7:*:*:*:*:*:*:*
- cpe:2.3:o:freebsd:freebsd:4.8:*:*:*:*:*:*:*
- cpe:2.3:o:freebsd:freebsd:4.9:*:*:*:*:*:*:*
- cpe:2.3:o:freebsd:freebsd:5.1:*:*:*:*:*:*:*
- cpe:2.3:o:freebsd:freebsd:5.2:*:*:*:*:*:*:*
- cpe:2.3:o:freebsd:freebsd:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:freebsd:freebsd:5.4:*:*:*:*:*:*:*
- (no CPE)range: 4.0 <= version <= 4.11; 5.0 <= version <= 5.4
Patches
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
6- ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-05:08.kmem.ascnvdPatchVendor Advisory
- lists.apple.com/archives/security-announce/2005/Oct/msg00000.htmlnvd
- secunia.com/advisories/17368nvd
- www.securityfocus.com/bid/13526nvd
- www.securityfocus.com/bid/15252nvd
- www.vupen.com/english/advisories/2005/2256nvd
News mentions
0No linked articles in our index yet.