CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 0CVE-2018-17154
https://notcve.org/view.php?id=CVE-2018-17154
In FreeBSD before 11.2-STABLE(r338987), 11.2-RELEASE-p4, and 11.1-RELEASE-p15, due to insufficient memory checking in the freebsd4_getfsstat system call, a NULL pointer dereference can occur. Unprivileged authenticated local users may be able to cause a denial of service. En FreeBSD en versiones anteriores a la 11.2-STABLE(r338987), 11.2-RELEASE-p4 y 11.1-RELEASE-p15, debido a una comprobación de memoria insuficiente en la llamada del sistema freebsd4_getfsstat, puede ocurrir una desreferencia de puntero NULL. Los usuarios autenticados no privilegiados podrían ser capaces de provocar una denegación de servicio (DoS). • https://security.FreeBSD.org/advisories/FreeBSD-EN-18:10.syscall.asc • CWE-476: NULL Pointer Dereference •
CVSS: 5.5EPSS: 0%CPEs: 5EXPL: 0CVE-2018-17155
https://notcve.org/view.php?id=CVE-2018-17155
In FreeBSD before 11.2-STABLE(r338983), 11.2-RELEASE-p4, 11.1-RELEASE-p15, 10.4-STABLE(r338984), and 10.4-RELEASE-p13, due to insufficient initialization of memory copied to userland in the getcontext and swapcontext system calls, small amounts of kernel memory may be disclosed to userland processes. Unprivileged authenticated local users may be able to access small amounts privileged kernel data. En FreeBSD, en versiones anteriores a 11.2-STABLE(r338983), 11.2-RELEASE-p4, 11.1-RELEASE-p15, 10.4-STABLE(r338984) y 10.4-RELEASE-p13, debido a la insuficiente inicialización de la memoria copiada al espacio de usuario en las llamadas del sistema getcontext y swapcontext, podrían divulgarse pequeñas cantidades de memoria del kernel al proceso del espacio de usuario. Los usuarios locales autenticados sin privilegios podrían ser capaces de acceder pequeñas cantidades de datos privilegiados del kernel. • https://security.FreeBSD.org/advisories/FreeBSD-EN-18:12.mem.asc • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 6.8EPSS: 0%CPEs: 85EXPL: 0CVE-2017-13084
https://notcve.org/view.php?id=CVE-2017-13084
Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the Station-To-Station-Link (STSL) Transient Key (STK) during the PeerKey handshake, allowing an attacker within radio range to replay, decrypt, or spoof frames. Wi-Fi Protected Access (WPA y WPA2) permite la reinstalación de la clave STK (Transient Key) STSL (Station-To-Station-Link) durante la negociación PeerKey, haciendo que un atacante que se sitúe dentro del radio reproduzca, descifre o suplante frames. • http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2017-007.txt http://www.kb.cert.org/vuls/id/228519 http://www.securityfocus.com/bid/101274 http://www.securitytracker.com/id/1039576 http://www.securitytracker.com/id/1039577 http://www.securitytracker.com/id/1039581 https://access.redhat.com/security/vulnerabilities/kracks https://cert-portal.siemens.com/productcert/pdf/ssa-901333.pdf https://security.gentoo.org/glsa/201711-03 https://support.lenovo.com/us/en/product_secur • CWE-323: Reusing a Nonce, Key Pair in Encryption CWE-330: Use of Insufficiently Random Values •
CVSS: 8.1EPSS: 0%CPEs: 85EXPL: 0CVE-2017-13077 – wpa_supplicant: Reinstallation of the pairwise key in the 4-way handshake
https://notcve.org/view.php?id=CVE-2017-13077
Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the Pairwise Transient Key (PTK) Temporal Key (TK) during the four-way handshake, allowing an attacker within radio range to replay, decrypt, or spoof frames. Wi-Fi Protected Access (WPA y WPA2) permite la reinstalación de la clave temporal (TK) PTK (Pairwise Transient Key) durante la negociación en cuatro pasos, haciendo que un atacante que se sitúe entro del radio responda, descifre o suplante frames. A new exploitation technique called key reinstallation attacks (KRACKs) affecting WPA2 has been discovered. A remote attacker within Wi-Fi range could exploit this attack to decrypt Wi-Fi traffic or possibly inject forged Wi-Fi packets by reinstalling a previously used pairwise key (PTK-TK) during a 4-way handshake. • http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2017-007.txt http://www.debian.org/security/2017/dsa-3999 http://www.kb.cert.org/vuls/id/228519 http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html http://www.securityfocus.com/bid/101274 http://www.securitytracker.com/id/1039573 http://www.securitytracker.com/id/1039576 http://www.securitytracker.com/id/1039577 http://www.security • CWE-323: Reusing a Nonce, Key Pair in Encryption CWE-330: Use of Insufficiently Random Values •
CVSS: 8.1EPSS: 0%CPEs: 85EXPL: 1CVE-2017-13082 – wpa_supplicant: Accepting a retransmitted FT Reassociation Request and reinstalling the pairwise key while processing it
https://notcve.org/view.php?id=CVE-2017-13082
Wi-Fi Protected Access (WPA and WPA2) that supports IEEE 802.11r allows reinstallation of the Pairwise Transient Key (PTK) Temporal Key (TK) during the fast BSS transmission (FT) handshake, allowing an attacker within radio range to replay, decrypt, or spoof frames. Wi-Fi Protected Access (WPA y WPA2) que soporte IEEE 802.11r permite la reinstalación de la clave temporal PTK (Pairwise Transient Key) durante la negociación de la transmisión rápida (FT) BSS, haciendo que un atacante en el rango de radio reproduzca, descifre o suplante frames. A new exploitation technique called key reinstallation attacks (KRACK) affecting WPA2 has been discovered. A remote attacker within Wi-Fi range could exploit this attack to decrypt Wi-Fi traffic or possibly inject forged Wi-Fi packets by reinstalling a previously used pairwise key (PTK-TK) by retransmitting Fast BSS Transition (FT) Reassociation Requests. • http://lists.opensuse.org/opensuse-security-announce/2020-02/msg00021.html http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2017-007.txt http://www.debian.org/security/2017/dsa-3999 http://www.kb.cert.org/vuls/id/228519 http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html http://www.securityfocus.com/bid/101274 http://www.securitytracker.com/id/1039570 http://www.securitytracker.com/id& • CWE-323: Reusing a Nonce, Key Pair in Encryption CWE-330: Use of Insufficiently Random Values •