CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 0CVE-2020-24385
https://notcve.org/view.php?id=CVE-2020-24385
03 Sep 2020 — In MidnightBSD before 1.2.6 and 1.3 before August 2020, and FreeBSD before 7, a NULL pointer dereference was found in the Linux emulation layer that allows attackers to crash the running kernel. During binary interaction, td->td_emuldata in sys/compat/linux/linux_emul.h is not getting initialized and returns NULL from em_find(). En MidnightBSD versiones anteriores a 1.2.6 y versiones 1.3 anteriores a Agosto de 2020, y FreeBSD versiones anteriores a 7, se encontró una desreferencia del puntero NULL en la cap... • http://www.midnightbsd.org/security/adv/MIDNIGHTBSD-SA-20:02.txt • CWE-476: NULL Pointer Dereference •
CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 2CVE-2020-24863
https://notcve.org/view.php?id=CVE-2020-24863
03 Sep 2020 — A memory corruption vulnerability was found in the kernel function kern_getfsstat in MidnightBSD before 1.2.7 and 1.3 through 2020-08-19, and FreeBSD through 11.4, that allows an attacker to trigger an invalid free and crash the system via a crafted size value in conjunction with an invalid mode. Se encontró una vulnerabilidad de corrupción de memoria en la función del kernel kern_getfsstat en MidnightBSD versiones anteriores a 1.2.7 y versiones 1.3 hasta el19-08-2020, y FreeBSD versiones hasta 11.4, que pe... • http://www.midnightbsd.org/security/adv/MIDNIGHTBSD-SA-20:01.txt • CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2020-10565
https://notcve.org/view.php?id=CVE-2020-10565
14 Mar 2020 — grub2-bhyve, as used in FreeBSD bhyve before revision 525916 2020-02-12, does not validate the address provided as part of a memrw command (read_* or write_*) by a guest through a grub2.cfg file. This allows an untrusted guest to perform arbitrary read or write operations in the context of the grub-bhyve process, resulting in code execution as root on the host OS. grub2-bhyve, como es usado en FreeBSD bhyve anterior a revisión 525916 12-02-2020, no comprueba la dirección proporcionada como parte de un coman... • https://svnweb.freebsd.org/ports?view=revision&revision=525916 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2020-10566
https://notcve.org/view.php?id=CVE-2020-10566
14 Mar 2020 — grub2-bhyve, as used in FreeBSD bhyve before revision 525916 2020-02-12, mishandles font loading by a guest through a grub2.cfg file, leading to a buffer overflow. grub2-bhyve, como es usado en FreeBSD bhyve anterior a revisión 525916 12-02-2020, maneja inapropiadamente una carga de fuentes por parte de un invitado mediante un archivo grub2.cfg, conllevando a un desbordamiento de búfer. • https://svnweb.freebsd.org/ports?view=revision&revision=525916 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2012-5363
https://notcve.org/view.php?id=CVE-2012-5363
20 Feb 2020 — The IPv6 implementation in FreeBSD and NetBSD (unknown versions, year 2012 and earlier) allows remote attackers to cause a denial of service via a flood of ICMPv6 Neighbor Solicitation messages, a different vulnerability than CVE-2011-2393. La implementación de IPv6 en FreeBSD y NetBSD (versiones desconocidas, año 2012 y anteriores), permite a atacantes remotos causar una denegación de servicio por medio de una avalancha de mensajes ICMPv6 Neighbor Solicitation, una vulnerabilidad diferente de CVE-2011-2393... • http://www.openwall.com/lists/oss-security/2012/10/10/12 • CWE-400: Uncontrolled Resource Consumption •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2012-5365
https://notcve.org/view.php?id=CVE-2012-5365
20 Feb 2020 — The IPv6 implementation in FreeBSD and NetBSD (unknown versions, year 2012 and earlier) allows remote attackers to cause a denial of service via a flood of ICMPv6 Router Advertisement packets containing multiple Routing entries. La implementación de IPv6 en FreeBSD y NetBSD (versiones desconocidas, año 2012 y anteriores) permite a atacantes remotos causar una denegación de servicio por medio de una avalancha de paquetes ICMPv6 Router Advertisement, que contienen múltiples entradas de Enrutamiento. • http://www.openwall.com/lists/oss-security/2012/10/10/12 • CWE-400: Uncontrolled Resource Consumption •
CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 0CVE-2011-2480
https://notcve.org/view.php?id=CVE-2011-2480
27 Nov 2019 — Information Disclosure vulnerability in the 802.11 stack, as used in FreeBSD before 8.2 and NetBSD when using certain non-x86 architectures. A signedness error in the IEEE80211_IOC_CHANINFO ioctl allows a local unprivileged user to cause the kernel to copy large amounts of kernel memory back to the user, disclosing potentially sensitive information. Una vulnerabilidad de Divulgación de Información en el protocolo 802.11 stack, como es usado en FreeBSD versiones anteriores a la versión 8.2 y NetBSD cuando es... • https://access.redhat.com/security/cve/cve-2011-2480 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 5.9EPSS: 1%CPEs: 24EXPL: 0CVE-2019-9494 – The implementations of SAE in hostapd and wpa_supplicant are vulnerable to side-channel attacks
https://notcve.org/view.php?id=CVE-2019-9494
17 Apr 2019 — The implementations of SAE in hostapd and wpa_supplicant are vulnerable to side channel attacks as a result of observable timing differences and cache access patterns. An attacker may be able to gain leaked information from a side channel attack that can be used for full password recovery. Both hostapd with SAE support and wpa_supplicant with SAE support prior to and including version 2.7 are affected. Las implementaciones SAE en hostapd y wpa_supplicant son vulnerables a los ataques de canal lateral (side ... • http://lists.opensuse.org/opensuse-security-announce/2020-02/msg00021.html • CWE-203: Observable Discrepancy CWE-208: Observable Timing Discrepancy CWE-524: Use of Cache Containing Sensitive Information •
CVSS: 4.3EPSS: 3%CPEs: 25EXPL: 0CVE-2019-9495 – The implementations of EAP-PWD in hostapd and wpa_supplicant are vulnerable to side-channel attacks as a result of cache access patterns
https://notcve.org/view.php?id=CVE-2019-9495
11 Apr 2019 — The implementations of EAP-PWD in hostapd and wpa_supplicant are vulnerable to side-channel attacks as a result of cache access patterns. All versions of hostapd and wpa_supplicant with EAP-PWD support are vulnerable. The ability to install and execute applications is necessary for a successful attack. Memory access patterns are visible in a shared cache. Weak passwords may be cracked. • http://lists.opensuse.org/opensuse-security-announce/2020-02/msg00021.html • CWE-203: Observable Discrepancy CWE-524: Use of Cache Containing Sensitive Information •
CVSS: 8.1EPSS: 1%CPEs: 28EXPL: 0CVE-2019-9499 – The implementations of EAP-PWD in wpa_supplicant EAP Peer do not validate the scalar and element values in EAP-pwd-Commit
https://notcve.org/view.php?id=CVE-2019-9499
11 Apr 2019 — The implementations of EAP-PWD in wpa_supplicant EAP Peer, when built against a crypto library missing explicit validation on imported elements, do not validate the scalar and element values in EAP-pwd-Commit. An attacker may complete authentication, session key and control of the data connection with a client. Both hostapd with SAE support and wpa_supplicant with SAE support prior to and including version 2.4 are affected. Both hostapd with EAP-pwd support and wpa_supplicant with EAP-pwd support prior to a... • http://lists.opensuse.org/opensuse-security-announce/2020-02/msg00021.html • CWE-287: Improper Authentication CWE-346: Origin Validation Error •