CVE-2019-5614
https://notcve.org/view.php?id=CVE-2019-5614
In FreeBSD 12.1-STABLE before r356035, 12.1-RELEASE before 12.1-RELEASE-p4, 11.3-STABLE before r356036, and 11.3-RELEASE before 11.3-RELEASE-p8, incomplete packet data validation may result in accessing out-of-bounds memory leading to a kernel panic or other unpredictable results. En FreeBSD versiones 12.1-ESTABLE anteriores a r356035, versiones 12.1-RELEASE anteriores a 12.1-RELEASE-p4, versiones 11.3-ESTABLE anteriores a r356036 y versiones 11.3-RELEASE anteriores a 11.3-RELEASE-p8, la comprobación incompleta de los datos del paquete puede resultar en un acceso a la memoria fuera de límites conllevando a un pánico del kernel u otros resultados impredecibles. • https://security.FreeBSD.org/advisories/FreeBSD-SA-20:10.ipfw.asc https://security.netapp.com/advisory/ntap-20200511-0002 • CWE-20: Improper Input Validation CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVE-2019-15874
https://notcve.org/view.php?id=CVE-2019-15874
In FreeBSD 12.1-STABLE before r356035, 12.1-RELEASE before 12.1-RELEASE-p4, 11.3-STABLE before r356036, and 11.3-RELEASE before 11.3-RELEASE-p8, incomplete packet data validation may result in memory access after it has been freed leading to a kernel panic or other unpredictable results. En FreeBSD versiones 12.1-ESTABLE anteriores a r356035, versiones 12.1-RELEASE anteriores a 12.1-RELEASE-p4, versiones 11.3-ESTABLE anteriores a r356036 y versiones 11.3-RELEASE anteriores a 11.3-RELEASE-p8, la comprobación incompleta de los datos del paquete puede resultar en un acceso a la memoria después de haberse liberado conllevando a un pánico del kernel u otros resultados impredecibles. • https://security.FreeBSD.org/advisories/FreeBSD-SA-20:10.ipfw.asc https://security.netapp.com/advisory/ntap-20200511-0002 • CWE-20: Improper Input Validation CWE-416: Use After Free •
CVE-2020-7452
https://notcve.org/view.php?id=CVE-2020-7452
In FreeBSD 12.1-STABLE before r357490, 12.1-RELEASE before 12.1-RELEASE-p3, 11.3-STABLE before r357489, and 11.3-RELEASE before 11.3-RELEASE-p7, incorrect use of a user-controlled pointer in the epair virtual network module allowed vnet jailed privileged users to panic the host system and potentially execute arbitrary code in the kernel. En FreeBSD versiones 12.1-ESTABLE anteriores a r357490, versiones 12.1-RELEASE anteriores a 12.1-RELEASE-p3, versiones 11.3-ESTABLE anteriores a r357489 y versiones 11.3-RELEASE anteriores a 11.3-RELEASE-p7, se permite el uso incorrecto de un puntero controlado por el usuario en el módulo de red virtual vnet de epair enjauló a usuarios con privilegios para aterrorizar el sistema host y potencialmente ejecutar código arbitrario en el kernel. • https://security.FreeBSD.org/advisories/FreeBSD-SA-20:07.epair.asc • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVE-2020-7453
https://notcve.org/view.php?id=CVE-2020-7453
In FreeBSD 12.1-STABLE before r359021, 12.1-RELEASE before 12.1-RELEASE-p3, 11.3-STABLE before r359020, and 11.3-RELEASE before 11.3-RELEASE-p7, a missing null termination check in the jail_set configuration option "osrelease" may return more bytes with a subsequent jail_get system call allowing a malicious jail superuser with permission to create nested jails to read kernel memory. En FreeBSD versiones 12.1-ESTABLE anteriores a r359021, versiones 12.1-RELEASE anteriores a 12.1-RELEASE-p3, versiones 11.3-ESTABLE anteriores a r359020 y versiones 11.3-RELEASE anteriores a 11.3-RELEASE-p7, una falta de comprobación de terminación null en la opción de configuración "osrelease" de jail_set puede devolver más bytes con una llamada posterior al sistema jail_get que permite a un superusuario de jaula (jail) malicioso con permiso para crear jaulas (jails) anidadas leer la memoria del kernel. • https://security.FreeBSD.org/advisories/FreeBSD-SA-20:08.jail.asc • CWE-754: Improper Check for Unusual or Exceptional Conditions •
CVE-2020-7451
https://notcve.org/view.php?id=CVE-2020-7451
In FreeBSD 12.1-STABLE before r358739, 12.1-RELEASE before 12.1-RELEASE-p3, 11.3-STABLE before r358740, and 11.3-RELEASE before 11.3-RELEASE-p7, a TCP SYN-ACK or challenge TCP-ACK segment over IPv6 that is transmitted or retransmitted does not properly initialize the Traffic Class field disclosing one byte of kernel memory over the network. En FreeBSD versiones 12.1-2.1-STABLE anteriores a r358739, versiones 12.1-RELEASE anteriores a 12.1-RELEASE-p3, versiones 11.3-STABLE anteriores a r358740, y versiones 11.3-RELEASE anteriores a 11.3-RELEASE-p7, un segmento de TCP SYN-ACK o de desafío TCP-ACK sobre IPv6 que es transmitido o retransmitido no inicializa apropiadamente el campo Traffic Class que revela un byte de memoria del kernel por medio de la red. • https://security.FreeBSD.org/advisories/FreeBSD-SA-20:04.tcp.asc • CWE-908: Use of Uninitialized Resource •