Several vulnerabilities have been discovered in the FreeBSD kernel that may lead to a denial of service or information disclosure. CVE-2014-3711 Denial of service through memory leak in sandboxed namei lookups. CVE-2014-3952 Kernel memory disclosure in sockbuf control messages. CVE-2014-3953 Kernel memory disclosure in SCTP. This update disables SCTP, since the userspace tools shipped in Wheezy didn't support SCTP anyway. CVE-2014-8476 Kernel stack disclosure in setlogin() and getlogin().

For the stable distribution (wheezy), these problems have been fixed in version 9.0-10+deb70.8. We recommend that you upgrade your kfreebsd-9 packages.

The FreeBSD kernel is the core of the FreeBSD operating system.

kfreebsd-9 on Debian Linux

This check tests the installed software version using the apt package manager.

• http://www.debian.org/security/2014/dsa-3070.html

---

Updated on 2015-03-25