FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

FreeBSD -- Buffer overflow in keyboard driver

Affected packages
10.3 <= FreeBSD-kernel < 10.3_3
10.2 <= FreeBSD-kernel < 10.2_17
10.1 <= FreeBSD-kernel < 10.1_34
9.3 <= FreeBSD-kernel < 9.3_42


VuXML ID 7bbc0e8c-600a-11e6-a6c3-14dae9d210b8
Discovery 2016-05-17
Entry 2016-08-11

Problem Description:

Incorrect signedness comparison in the ioctl(2) handler allows a malicious local user to overwrite a portion of the kernel memory.


A local user may crash the kernel, read a portion of kernel memory and execute arbitrary code in kernel context. The result of executing an arbitrary kernel code is privilege escalation.


CVE Name CVE-2016-1886
FreeBSD Advisory SA-16:18.atkbd