CVE-2019-5612
https://notcve.org/view.php?id=CVE-2019-5612
In FreeBSD 12.0-STABLE before r351264, 12.0-RELEASE before 12.0-RELEASE-p10, 11.3-STABLE before r351265, 11.3-RELEASE before 11.3-RELEASE-p3, and 11.2-RELEASE before 11.2-RELEASE-p14, the kernel driver for /dev/midistat implements a read handler that is not thread-safe. A multi-threaded program can exploit races in the handler to copy out kernel memory outside the boundaries of midistat's data buffer.
• https://security.FreeBSD.org/advisories/FreeBSD-SA-19:23.midi.asc
• https://security.netapp.com/advisory/ntap-20190910-0002
• CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')
CVE-2019-5611
https://notcve.org/view.php?id=CVE-2019-5611
In FreeBSD 12.0-STABLE before r350828, 12.0-RELEASE before 12.0-RELEASE-p10, 11.3-STABLE before r350829, 11.3-RELEASE before 11.3-RELEASE-p3, and 11.2-RELEASE before 11.2-RELEASE-p14, a missing check in the function to arrange data in a chain of mbufs could cause data returned not to be contiguous. Extra checks in the IPv6 stack could catch the error condition and trigger a kernel panic, leading to a remote denial of service.
• http://packetstormsecurity.com/files/154170/FreeBSD-Security-Advisory-FreeBSD-SA-19-22.mbuf.html
• https://seclists.org/bugtraq/2019/Aug/33
• https://security.FreeBSD.org/advisories/FreeBSD-SA-19:22.mbuf.asc
• https://security.netapp.com/advisory/ntap-20190910-0002
• CWE-20: Improper Input Validation
CVE-2019-9517 – Some HTTP/2 implementations are vulnerable to unconstrained internal data buffering, potentially leading to a denial of service
https://notcve.org/view.php?id=CVE-2019-9517
Some HTTP/2 implementations are vulnerable to unconstrained internal data buffering, potentially leading to a denial of service. The attacker opens the HTTP/2 window so the peer can send without constraint; however, they leave the TCP window closed so the peer cannot actually write (many of) the bytes on the wire. The attacker then sends a stream of requests for a large response object. Depending on how the servers queue the responses, this can consume excess memory, CPU, or both.
• http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00004.html
• http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00031.html
• http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00032.html
• http://www.openwall.com/lists/oss-security/2019/08/15/7
• https://access.redhat.com/errata/RHSA-2019:2893
• https://access.redhat.com/errata/RHSA-2019:2925
• https://access.redhat.com/errata/RHSA-2019:2939
• https://access.redhat.com/errata/RHSA-2019:2946
• https:/
• CWE-400: Uncontrolled Resource Consumption
• CWE-770: Allocation of Resources Without Limits or Throttling
CVE-2019-5610
https://notcve.org/view.php?id=CVE-2019-5610
In FreeBSD 12.0-STABLE before r350637, 12.0-RELEASE before 12.0-RELEASE-p9, 11.3-STABLE before r350638, 11.3-RELEASE before 11.3-RELEASE-p2, and 11.2-RELEASE before 11.2-RELEASE-p13, the bsnmp library is not properly validating the submitted length from a type-length-value encoding. A remote user could cause an out-of-bounds read or trigger a crash of the software such as bsnmpd resulting in a denial of service.
• http://packetstormsecurity.com/files/153959/FreeBSD-Security-Advisory-FreeBSD-SA-19-20.bsnmp.html
• https://seclists.org/bugtraq/2019/Aug/6
• https://security.FreeBSD.org/advisories/FreeBSD-SA-19:20.bsnmp.asc
• https://security.netapp.com/advisory/ntap-20190910-0002
• CWE-125: Out-of-bounds Read
CVE-2019-5608
https://notcve.org/view.php?id=CVE-2019-5608
In FreeBSD 12.0-STABLE before r350648, 12.0-RELEASE before 12.0-RELEASE-p9, 11.3-STABLE before r350650, 11.3-RELEASE before 11.3-RELEASE-p2, and 11.2-RELEASE before 11.2-RELEASE-p13, the ICMPv6 input path incorrectly handles cases where an MLDv2 listener query packet is internally fragmented across multiple mbufs. A remote attacker may be able to cause an out-of-bounds read or write that may cause the kernel to attempt to access an unmapped page and subsequently panic.
• https://security.FreeBSD.org/advisories/FreeBSD-SA-19:19.mldv2.asc
• https://security.netapp.com/advisory/ntap-20190910-0002
• CWE-125: Out-of-bounds Read
• CWE-787: Out-of-bounds Write