|CVSS SCORE||3.8, (AV:L/AC:H/Au:S/C:C/I:N/A:N)|
The specific flaw exists within the dtrace implementation in SmartOS. A function within this implementation allows for arbitrary reads from kernel space. This allows an attacker to read arbitrary memory from the headnode where the zone resides.
Joyent has issued an update to correct this vulnerability. More details can be found at: