CVSS: 7.5EPSS: 0%CPEs: 30EXPL: 0CVE-2021-29632 – FreeBSD Security Advisory - FreeBSD-SA-22:01.vt
https://notcve.org/view.php?id=CVE-2021-29632
11 Jan 2022 — In FreeBSD 13.0-STABLE before n247428-9352de39c3dc, 12.2-STABLE before r370674, 13.0-RELEASE before p6, and 12.2-RELEASE before p12, certain conditions involving use of the highlight buffer while text is scrolling on the console, console data may overwrite data structures associated with the system console or other kernel memory. En FreeBSD versión 13.0-STABLE anteriores a n247428-9352de39c3dc, 12.2-STABLE anteriores a r370674, 13.0-RELEASE anteriores a p6 y 12.2-RELEASE anteriores a p12, en determinadas co... • https://security.freebsd.org/advisories/FreeBSD-SA-22:01.vt.asc •
CVSS: 4.3EPSS: 0%CPEs: 1EXPL: 0CVE-2011-1075
https://notcve.org/view.php?id=CVE-2011-1075
19 Oct 2021 — FreeBSD's crontab calculates the MD5 sum of the previous and new cronjob to determine if any changes have been made before copying the new version in. In particular, it uses the MD5File() function, which takes a pathname as an argument, and is called with euid 0. A race condition in this process may lead to an arbitrary MD5 comparison regardless of the read permissions. El crontab de FreeBSD calcula la suma MD5 del cronjob anterior y del nuevo para determinar si se han realizado cambios antes de copiar la n... • https://marc.info/?l=full-disclosure&m=129891323028897&w=2 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •
CVSS: 8.1EPSS: 1%CPEs: 29EXPL: 0CVE-2021-29630 – FreeBSD Security Advisory - FreeBSD-SA-21:14.ggatec
https://notcve.org/view.php?id=CVE-2021-29630
24 Aug 2021 — In FreeBSD 13.0-STABLE before n246938-0729ba2f49c9, 12.2-STABLE before r370383, 11.4-STABLE before r370381, 13.0-RELEASE before p4, 12.2-RELEASE before p10, and 11.4-RELEASE before p13, the ggatec daemon does not validate the size of a response before writing it to a fixed-sized buffer allowing a malicious attacker in a privileged network position to overwrite the stack of ggatec and potentially execute arbitrary code. En FreeBSD versiones 13.0-STABLE anteriores a n246938-0729ba2f49c9, 12.2-STABLE anteriore... • https://security.FreeBSD.org/advisories/FreeBSD-SA-21:14.ggatec.asc • CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 29EXPL: 0CVE-2021-29631 – FreeBSD Security Advisory - FreeBSD-SA-21:13.bhyve
https://notcve.org/view.php?id=CVE-2021-29631
24 Aug 2021 — In FreeBSD 13.0-STABLE before n246941-20f96f215562, 12.2-STABLE before r370400, 11.4-STABLE before r370399, 13.0-RELEASE before p4, 12.2-RELEASE before p10, and 11.4-RELEASE before p13, certain VirtIO-based device models in bhyve failed to handle errors when fetching I/O descriptors. A malicious guest may cause the device model to operate on uninitialized I/O vectors leading to memory corruption, crashing of the bhyve process, and possibly arbitrary code execution in the bhyve process. En FreeBSD versiones ... • https://security.FreeBSD.org/advisories/FreeBSD-SA-21:13.bhyve.asc • CWE-908: Use of Uninitialized Resource •
CVSS: 7.5EPSS: 0%CPEs: 26EXPL: 0CVE-2021-29629 – FreeBSD Security Advisory - FreeBSD-SA-21:12.libradius
https://notcve.org/view.php?id=CVE-2021-29629
26 May 2021 — In FreeBSD 13.0-STABLE before n245765-bec0d2c9c841, 12.2-STABLE before r369859, 11.4-STABLE before r369866, 13.0-RELEASE before p1, 12.2-RELEASE before p7, and 11.4-RELEASE before p10, missing message validation in libradius(3) could allow malicious clients or servers to trigger denial of service in vulnerable servers or clients respectively. En FreeBSD versiones 13.0-STABLE anteriores a n245765-bec0d2c9c841, versiones 12.2-STABLE anteriores a r369859, versiones 11.4-STABLE anteriores a r369866, versiones 1... • https://security.FreeBSD.org/advisories/FreeBSD-SA-21:12.libradius.asc • CWE-20: Improper Input Validation •
CVSS: 7.5EPSS: 0%CPEs: 13EXPL: 1CVE-2021-29628 – FreeBSD Security Advisory - FreeBSD-SA-21:11.smap
https://notcve.org/view.php?id=CVE-2021-29628
26 May 2021 — In FreeBSD 13.0-STABLE before n245764-876ffe28796c, 12.2-STABLE before r369857, 13.0-RELEASE before p1, and 12.2-RELEASE before p7, a system call triggering a fault could cause SMAP protections to be disabled for the duration of the system call. This weakness could be combined with other kernel bugs to craft an exploit. En FreeBSD versiones 13.0-STABLE anteriores a n245764-876ffe28796c, versiones 12.2-STABLE anteriores a r369857, versiones 13.0-RELEASE anteriores a p1 y versiones 12.2-RELEASE anteriores a p... • https://security.FreeBSD.org/advisories/FreeBSD-SA-21:11.smap.asc • CWE-863: Incorrect Authorization •
CVSS: 7.5EPSS: 0%CPEs: 23EXPL: 0CVE-2020-25584 – FreeBSD Security Advisory - FreeBSD-SA-21:10.jail_mount
https://notcve.org/view.php?id=CVE-2020-25584
06 Apr 2021 — In FreeBSD 13.0-STABLE before n245118, 12.2-STABLE before r369552, 11.4-STABLE before r369560, 13.0-RC5 before p1, 12.2-RELEASE before p6, and 11.4-RELEASE before p9, a superuser inside a FreeBSD jail configured with the non-default allow.mount permission could cause a race condition between the lookup of ".." and remounting a filesystem, allowing access to filesystem hierarchy outside of the jail. En FreeBSD versiones 13.0-STABLE anteriores a n245118, versiones 12.2-STABLE anteriores a r369552, versiones 1... • https://security.FreeBSD.org/advisories/FreeBSD-SA-21:10.jail_mount.asc • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •
CVSS: 5.5EPSS: 0%CPEs: 23EXPL: 0CVE-2021-29626 – FreeBSD Security Advisory - FreeBSD-SA-21:08.vm
https://notcve.org/view.php?id=CVE-2021-29626
06 Apr 2021 — In FreeBSD 13.0-STABLE before n245117, 12.2-STABLE before r369551, 11.4-STABLE before r369559, 13.0-RC5 before p1, 12.2-RELEASE before p6, and 11.4-RELEASE before p9, copy-on-write logic failed to invalidate shared memory page mappings between multiple processes allowing an unprivileged process to maintain a mapping after it is freed, allowing the process to read private data belonging to other processes or the kernel. En FreeBSD versiones 13.0-STABLE anteriores a n245117, versiones 12.2-STABLE anteriores a... • https://security.FreeBSD.org/advisories/FreeBSD-SA-21:08.vm.asc • CWE-416: Use After Free •
CVSS: 7.8EPSS: 1%CPEs: 11EXPL: 1CVE-2021-29627 – FreeBSD Security Advisory - FreeBSD-SA-21:09.accept_filter
https://notcve.org/view.php?id=CVE-2021-29627
06 Apr 2021 — In FreeBSD 13.0-STABLE before n245050, 12.2-STABLE before r369525, 13.0-RC4 before p0, and 12.2-RELEASE before p6, listening socket accept filters implementing the accf_create callback incorrectly freed a process supplied argument string. Additional operations on the socket can lead to a double free or use after free. En FreeBSD versiones 13.0-STABLE anteriores a n245050, versiones 12.2-STABLE anteriores a r369525, versiones 13.0-RC4 anteriores a p0 y versiones 12.2-RELEASE anteriores a p6, los filtros de a... • https://github.com/raymontag/cve-2021-29627 • CWE-415: Double Free CWE-416: Use After Free •
CVSS: 5.3EPSS: 0%CPEs: 29EXPL: 0CVE-2020-7464
https://notcve.org/view.php?id=CVE-2020-7464
26 Mar 2021 — In FreeBSD 12.2-STABLE before r365730, 11.4-STABLE before r365738, 12.1-RELEASE before p10, 11.4-RELEASE before p4, and 11.3-RELEASE before p14, a programming error in the ure(4) device driver caused some Realtek USB Ethernet interfaces to incorrectly report packets with more than 2048 bytes in a single USB transfer as having a length of only 2048 bytes. An adversary can exploit this to cause the driver to misinterpret part of the payload of a large packet as a separate packet, and thereby inject packets ac... • https://security.FreeBSD.org/advisories/FreeBSD-SA-20:27.ure.asc • CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') •