CVSS: 8.5EPSS: 0%CPEs: 12EXPL: 0CVE-2020-25581
https://notcve.org/view.php?id=CVE-2020-25581
26 Mar 2021 — In FreeBSD 12.2-STABLE before r369312, 11.4-STABLE before r369313, 12.2-RELEASE before p4 and 11.4-RELEASE before p8 due to a race condition in the jail_remove(2) implementation, it may fail to kill some of the processes. En FreeBSD versiones 12.2-STABLE anteriores a r369312, 11.4-STABLE anteriores a r369313, 12.2-RELEASE anteriores a p4 y 11.4-RELEASE anteriores a p8, debido a una condición de carrera en la implementación de jail_remove(2), puede cometer un fallo al eliminar algunos de los procesos. • https://security.FreeBSD.org/advisories/FreeBSD-SA-21:04.jail_remove.asc • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •
CVSS: 5.3EPSS: 0%CPEs: 12EXPL: 0CVE-2020-25580
https://notcve.org/view.php?id=CVE-2020-25580
26 Mar 2021 — In FreeBSD 12.2-STABLE before r369346, 11.4-STABLE before r369345, 12.2-RELEASE before p4 and 11.4-RELEASE before p8 a regression in the login.access(5) rule processor has the effect of causing rules to fail to match even when they should not. This means that rules denying access may be ignored. En FreeBSD versiones 12.2-STABLE anteriores a r369346, 11.4-STABLE anteriores a r369345, 12.2-RELEASE anteriores a p4 y 11.4-RELEASE anteriores a p8, una regresión en el procesador de reglas login.access(5) tiene el... • https://security.FreeBSD.org/advisories/FreeBSD-SA-21:03.pam_login_access.asc • CWE-697: Incorrect Comparison •
CVSS: 7.6EPSS: 0%CPEs: 29EXPL: 0CVE-2020-7467
https://notcve.org/view.php?id=CVE-2020-7467
26 Mar 2021 — In FreeBSD 12.2-STABLE before r365767, 11.4-STABLE before r365769, 12.1-RELEASE before p10, 11.4-RELEASE before p4 and 11.3-RELEASE before p14 a number of AMD virtualization instructions operate on host physical addresses, are not subject to nested page table translation, and guest use of these instructions was not trapped. En FreeBSD versiones 12.2-STABLE anteriores a r365767, 11.4-STABLE anteriores a r365769, 12.1-RELEASE anteriores a p10, 11.4-RELEASE anteriores a p4 y 11.3-RELEASE anteriores a p14, vari... • https://security.FreeBSD.org/advisories/FreeBSD-SA-20:29.bhyve_svm.asc • CWE-269: Improper Privilege Management •
CVSS: 9.0EPSS: 0%CPEs: 29EXPL: 0CVE-2020-7468 – FreeBSD FTPD Improper Handling of Exceptional Conditions Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2020-7468
15 Dec 2020 — In FreeBSD 12.2-STABLE before r365772, 11.4-STABLE before r365773, 12.1-RELEASE before p10, 11.4-RELEASE before p4 and 11.3-RELEASE before p14 a ftpd(8) bug in the implementation of the file system sandbox, combined with capabilities available to an authenticated FTP user, can be used to escape the file system restriction configured in ftpchroot(5). Moreover, the bug allows a malicious client to gain root privileges. En FreeBSD versiones 12.2-STABLE anteriores a r365772, 11.4-STABLE anteriores a r365773, 12... • https://security.FreeBSD.org/advisories/FreeBSD-SA-20:30.ftpd.asc •
CVSS: 8.2EPSS: 0%CPEs: 49EXPL: 1CVE-2020-24718
https://notcve.org/view.php?id=CVE-2020-24718
25 Sep 2020 — bhyve, as used in FreeBSD through 12.1 and illumos (e.g., OmniOS CE through r151034 and OpenIndiana through Hipster 2020.04), does not properly restrict VMCS and VMCB read/write operations, as demonstrated by a root user in a container on an Intel system, who can gain privileges by modifying VMCS_HOST_RIP. bhyve, como es usado en FreeBSD versiones hasta 12.1 e illumos (por ejemplo, OmniOS CE versiones hasta r151034 y OpenIndiana versiones hasta Hipster 2020.04), no restringe apropiadamente las operaciones d... • https://github.com/illumos/illumos-gate/blob/84971882a96ac0fecd538b02208054a872ff8af3/usr/src/uts/i86pc/io/vmm/intel/vmcs.c#L246-L249 • CWE-862: Missing Authorization •
CVSS: 6.8EPSS: 0%CPEs: 21EXPL: 0CVE-2020-7459
https://notcve.org/view.php?id=CVE-2020-7459
06 Aug 2020 — In FreeBSD 12.1-STABLE before r362166, 12.1-RELEASE before p8, 11.4-STABLE before r362167, 11.4-RELEASE before p2, and 11.3-RELEASE before p12, missing length validation code common to mulitple USB network drivers allows a malicious USB device to write beyond the end of an allocated network packet buffer. En FreeBSD versiones 12.1-ESTABLE anteriores a r362166, versiones 12.1-RELEASE anteriores a p8, versiones 11.4-ESTABLE anteriores a r362167, versiones 11.4-RELEASE anteriores a de p2 y versiones 11.3-RELEA... • https://security.FreeBSD.org/advisories/FreeBSD-SA-20:21.usb_net.asc • CWE-20: Improper Input Validation •
CVSS: 8.8EPSS: 1%CPEs: 21EXPL: 0CVE-2020-7460 – FreeBSD Kernel sendmsg System Call Time-Of-Check Time-Of-Use Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2020-7460
06 Aug 2020 — In FreeBSD 12.1-STABLE before r363918, 12.1-RELEASE before p8, 11.4-STABLE before r363919, 11.4-RELEASE before p2, and 11.3-RELEASE before p12, the sendmsg system call in the compat32 subsystem on 64-bit platforms has a time-of-check to time-of-use vulnerability allowing a mailcious userspace program to modify control message headers after they were validation. En FreeBSD versiones 12.1-ESTABLE anteriores a r363918, versiones 12.1-RELEASE anteriores a p8, versiones 11.4-ESTABLE anteriores a r363919, version... • https://security.FreeBSD.org/advisories/FreeBSD-SA-20:23.sendmsg.asc • CWE-367: Time-of-check Time-of-use (TOCTOU) Race Condition •
CVSS: 9.8EPSS: 1%CPEs: 3EXPL: 0CVE-2020-7458
https://notcve.org/view.php?id=CVE-2020-7458
09 Jul 2020 — In FreeBSD 12.1-STABLE before r362281, 11.4-STABLE before r362281, and 11.4-RELEASE before p1, long values in the user-controlled PATH environment variable cause posix_spawnp to write beyond the end of the heap allocated stack possibly leading to arbitrary code execution. En FreeBSD versiones 12.1-STABLE anteriores a r362281, versiones 11.4-STABLE anteriores a r362281 y versiones 11.4-RELEASE anteriores a p1, los valores largos en la variable de entorno PATH controlada por el usuario causan que la función p... • https://security.FreeBSD.org/advisories/FreeBSD-SA-20:18.posix_spawnp.asc • CWE-787: Out-of-bounds Write •
CVSS: 8.1EPSS: 64%CPEs: 21EXPL: 2CVE-2020-7457 – FreeBSD ip6_setpktopt Use-After-Free Privilege Escalation
https://notcve.org/view.php?id=CVE-2020-7457
09 Jul 2020 — In FreeBSD 12.1-STABLE before r359565, 12.1-RELEASE before p7, 11.4-STABLE before r362975, 11.4-RELEASE before p1, and 11.3-RELEASE before p11, missing synchronization in the IPV6_2292PKTOPTIONS socket option set handler contained a race condition allowing a malicious application to modify memory after being freed, possibly resulting in code execution. En FreeBSD versiones 12.1-ESTABLE anteriores a r359565, versiones 12.1-RELEASE anteriores a p7, versiones 11.4-ESTABLE anteriores a r362975, versiones 11.4-R... • https://packetstorm.news/files/id/158695 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') CWE-416: Use After Free CWE-662: Improper Synchronization •
CVSS: 7.2EPSS: 0%CPEs: 19EXPL: 0CVE-2020-7456
https://notcve.org/view.php?id=CVE-2020-7456
09 Jun 2020 — In FreeBSD 12.1-STABLE before r361918, 12.1-RELEASE before p6, 11.4-STABLE before r361919, 11.3-RELEASE before p10, and 11.4-RC2 before p1, an invalid memory location may be used for HID items if the push/pop level is not restored within the processing of that HID item allowing an attacker with physical access to a USB port to be able to use a specially crafted USB device to gain kernel or user-space code execution. En FreeBSD versión 12.1-ESTABLE versiones anteriores a r361918, 12.1-RELEASE versiones anter... • https://security.FreeBSD.org/advisories/FreeBSD-SA-20:17.usb.asc • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •