CVSS: 6.5EPSS: 0%CPEs: 17EXPL: 0CVE-2019-5601
https://notcve.org/view.php?id=CVE-2019-5601
In FreeBSD 12.0-STABLE before r347474, 12.0-RELEASE before 12.0-RELEASE-p7, 11.2-STABLE before r347475, and 11.2-RELEASE before 11.2-RELEASE-p11, a bug in the FFS implementation causes up to three bytes of kernel stack memory to be written to disk as uninitialized directory entry padding. En FreeBSD 12.0-STABLE en versiones anteriores a la r347474, 12.0-RELEASE en versiones anteriores a la 12.0-RELEASE-p7, 11.2-STABLE en versiones anteriores a la r347475, y 11.2-RELEASE en versiones anteriores a la 11.2-RELEASE-p11, un error en la implementación de FFS causa hasta tres bytes de memoria de la pila del kernel para ser escrito en el disco como relleno de entrada de directorio no inicializado. • http://packetstormsecurity.com/files/153523/FreeBSD-Security-Advisory-FreeBSD-SA-19-10.ufs.html https://security.FreeBSD.org/advisories/FreeBSD-SA-19:10.ufs.asc • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 9.0EPSS: 0%CPEs: 18EXPL: 0CVE-2019-5602
https://notcve.org/view.php?id=CVE-2019-5602
In FreeBSD 12.0-STABLE before r349628, 12.0-RELEASE before 12.0-RELEASE-p7, 11.3-PRERELEASE before r349629, 11.3-RC3 before 11.3-RC3-p1, and 11.2-RELEASE before 11.2-RELEASE-p11, a bug in the cdrom driver allows users with read access to the cdrom device to arbitrarily overwrite kernel memory when media is present thereby allowing a malicious user in the operator group to gain root privileges. En FreeBSD 12.0-ESTABLE en versiones anteriores a la r349628, 12.0-RELEASE en versiones anteriores a la 12.0-RELEASE-p7, 11.3-PRERELEASE en versiones anteriores a la r349629, 11.3-RC3 en versiones anteriores a la 11.3-RC3-p1, y 11.2-RELEASE en versiones anteriores a la 11.2-RELEASE-p11, un error en el controlador cdrom permite a los usuarios con acceso de lectura al dispositivo cdrom sobrescribir arbitrariamente la memoria del kernel cuando hay medios presentes, lo que permite que un usuario malintencionado en el grupo de operadores obtenga privilegios de root. • http://packetstormsecurity.com/files/153522/FreeBSD-Security-Advisory-FreeBSD-SA-19-11.cd_ioctl.html https://security.FreeBSD.org/advisories/FreeBSD-SA-19:11.cd_ioctl.asc • CWE-787: Out-of-bounds Write CWE-863: Incorrect Authorization •
CVSS: 9.8EPSS: 3%CPEs: 18EXPL: 0CVE-2019-5600
https://notcve.org/view.php?id=CVE-2019-5600
In FreeBSD 12.0-STABLE before r349622, 12.0-RELEASE before 12.0-RELEASE-p7, 11.3-PRERELEASE before r349624, 11.3-RC3 before 11.3-RC3-p1, and 11.2-RELEASE before 11.2-RELEASE-p11, a bug in iconv implementation may allow an attacker to write past the end of an output buffer. Depending on the implementation, an attacker may be able to create a denial of service, provoke incorrect program behavior, or induce a remote code execution. En FreeBSD 12.0-ESTABLE en versiones anteriores a la r349622, 12.0-RELEASE en versiones anteriores a la 12.0-RELEASE-p7, 11.3-PRERELEASE en versiones anteriores a la r349624, 11.3-RC3 en versiones anteriores a la 11.3-RC3-p1, y 11.2-RELEASE en versiones anteriores a la 11.2-RELEASE-p11, un error en la implementación de iconv puede permitir que un atacante escriba más allá del final de un búfer de salida. Dependiendo de la implementación, un atacante puede crear una denegación de servicio, provocar un comportamiento incorrecto del programa o inducir una ejecución remota de código. • http://packetstormsecurity.com/files/153520/FreeBSD-Security-Advisory-FreeBSD-SA-19-09.iconv.html https://security.FreeBSD.org/advisories/FreeBSD-SA-19:09.iconv.asc • CWE-787: Out-of-bounds Write •
CVSS: 9.8EPSS: 2%CPEs: 37EXPL: 0CVE-2019-12900 – bzip2: out-of-bounds write in function BZ2_decompress
https://notcve.org/view.php?id=CVE-2019-12900
BZ2_decompress in decompress.c in bzip2 through 1.0.6 has an out-of-bounds write when there are many selectors. La función BZ2_decompress en el archivo decompress.c en bzip2 hasta 1.0.6, presenta una escritura fuera de límites cuando hay muchos selectores. • http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00040.html http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00050.html http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00078.html http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00000.html http://packetstormsecurity.com/files/153644/Slackware-Security-Advisory-bzip2-Updates.html http://packetstormsecurity.com/files/153957/FreeBSD-Security-Advisory-FreeBSD-SA-19-18.bzip2.html https://gitlab.com/federicomenaqui • CWE-787: Out-of-bounds Write •
CVSS: 7.5EPSS: 2%CPEs: 12EXPL: 0CVE-2019-5598
https://notcve.org/view.php?id=CVE-2019-5598
In FreeBSD 11.3-PRERELEASE before r345378, 12.0-STABLE before r345377, 11.2-RELEASE before 11.2-RELEASE-p10, and 12.0-RELEASE before 12.0-RELEASE-p4, a bug in pf does not check if the outer ICMP or ICMP6 packet has the same destination IP as the source IP of the inner protocol packet allowing a maliciously crafted ICMP/ICMP6 packet could bypass the packet filter rules and be passed to a host that would otherwise be unavailable. n FreeBSD 11.3-PRERELEASE antes de r345378, 12.0-ESTABLE antes de r345377, 11.2-RELEASE antes de 11.2-RELEASE-p10, y 12.0-RELEASE antes de 12.0-RELEASE-p4, un error en pf no verifica si el paquete ICMP exterior o ICMP6 tiene la misma IP de destino que la IP de la fuente del paquete de protocolo interno permitiendo la creación maliciosa de un paquete ICMP / ICMP6 podría eludir las reglas de el Packet Filter y pasar a un host que de lo contrario estará inhabilitado. • http://packetstormsecurity.com/files/152934/FreeBSD-Security-Advisory-FreeBSD-SA-19-06.pf.html http://www.securityfocus.com/bid/108395 https://security.FreeBSD.org/advisories/FreeBSD-SA-19:06.pf.asc https://security.netapp.com/advisory/ntap-20190611-0001 https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html https://www.synacktiv.com/posts/systems/icmp-reachable.html • CWE-20: Improper Input Validation •