High severity7.8NVD Advisory· Published May 25, 2016· Updated Jun 17, 2026
CVE-2016-1886
CVE-2016-1886
Description
Integer signedness error in the genkbd_commonioctl function in sys/dev/kbd/kbd.c in FreeBSD 9.3 before p42, 10.1 before p34, 10.2 before p17, and 10.3 before p3 allows local users to obtain sensitive information from kernel memory, cause a denial of service (memory overwrite and kernel crash), or gain privileges via a negative value in the flen structure member in the arg argument in a SETFKEY ioctl call, which triggers a "two way heap and stack overflow."
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
5cpe:2.3:o:freebsd:freebsd:10.1:*:*:*:*:*:*:*+ 4 more
- cpe:2.3:o:freebsd:freebsd:10.1:*:*:*:*:*:*:*
- cpe:2.3:o:freebsd:freebsd:10.2:*:*:*:*:*:*:*
- cpe:2.3:o:freebsd:freebsd:10.3:*:*:*:*:*:*:*
- cpe:2.3:o:freebsd:freebsd:9.3:*:*:*:*:*:*:*
- (no CPE)range: 9.3 before p42, 10.1 before p34, 10.2 before p17, 10.3 before p3
Patches
Vulnerability mechanics
References
5News mentions
0No linked articles in our index yet.