CVE-2020-25581
https://notcve.org/view.php?id=CVE-2020-25581
In FreeBSD 12.2-STABLE before r369312, 11.4-STABLE before r369313, 12.2-RELEASE before p4 and 11.4-RELEASE before p8 due to a race condition in the jail_remove(2) implementation, it may fail to kill some of the processes. En FreeBSD versiones 12.2-STABLE anteriores a r369312, 11.4-STABLE anteriores a r369313, 12.2-RELEASE anteriores a p4 y 11.4-RELEASE anteriores a p8, debido a una condición de carrera en la implementación de jail_remove(2), puede cometer un fallo al eliminar algunos de los procesos. • https://security.FreeBSD.org/advisories/FreeBSD-SA-21:04.jail_remove.asc https://security.netapp.com/advisory/ntap-20210423-0006 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •
CVE-2020-25580
https://notcve.org/view.php?id=CVE-2020-25580
In FreeBSD 12.2-STABLE before r369346, 11.4-STABLE before r369345, 12.2-RELEASE before p4 and 11.4-RELEASE before p8 a regression in the login.access(5) rule processor has the effect of causing rules to fail to match even when they should not. This means that rules denying access may be ignored. En FreeBSD versiones 12.2-STABLE anteriores a r369346, 11.4-STABLE anteriores a r369345, 12.2-RELEASE anteriores a p4 y 11.4-RELEASE anteriores a p8, una regresión en el procesador de reglas login.access(5) tiene el efecto de causar que las reglas no coincidan incluso cuando no debería. Esto significa que las reglas que niegan el acceso pueden ignorarse. • https://security.FreeBSD.org/advisories/FreeBSD-SA-21:03.pam_login_access.asc https://security.netapp.com/advisory/ntap-20210423-0005 • CWE-697: Incorrect Comparison •
CVE-2020-7467
https://notcve.org/view.php?id=CVE-2020-7467
In FreeBSD 12.2-STABLE before r365767, 11.4-STABLE before r365769, 12.1-RELEASE before p10, 11.4-RELEASE before p4 and 11.3-RELEASE before p14 a number of AMD virtualization instructions operate on host physical addresses, are not subject to nested page table translation, and guest use of these instructions was not trapped. En FreeBSD versiones 12.2-STABLE anteriores a r365767, 11.4-STABLE anteriores a r365769, 12.1-RELEASE anteriores a p10, 11.4-RELEASE anteriores a p4 y 11.3-RELEASE anteriores a p14, varias instrucciones de virtualización de AMD que operan en direcciones físicas de host, no están sujetas a la traducción de tablas de páginas anidadas, y el uso de estas instrucciones por parte de los invitados no fueron captadas. • https://security.FreeBSD.org/advisories/FreeBSD-SA-20:29.bhyve_svm.asc • CWE-269: Improper Privilege Management •
CVE-2021-3450 – CA certificate check bypass with X509_V_FLAG_X509_STRICT
https://notcve.org/view.php?id=CVE-2021-3450
The X509_V_FLAG_X509_STRICT flag enables additional security checks of the certificates present in a certificate chain. It is not set by default. Starting from OpenSSL version 1.1.1h a check to disallow certificates in the chain that have explicitly encoded elliptic curve parameters was added as an additional strict check. An error in the implementation of this check meant that the result of a previous check to confirm that certificates in the chain are valid CA certificates was overwritten. This effectively bypasses the check that non-CA certificates must not be able to issue other certificates. • http://www.openwall.com/lists/oss-security/2021/03/27/1 http://www.openwall.com/lists/oss-security/2021/03/27/2 http://www.openwall.com/lists/oss-security/2021/03/28/3 http://www.openwall.com/lists/oss-security/2021/03/28/4 https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=2a40b7bc7b94dd7de897a74571e7024f0cf0d63b https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44845 https://kc.mc • CWE-295: Improper Certificate Validation •
CVE-2021-3449 – NULL pointer deref in signature_algorithms processing
https://notcve.org/view.php?id=CVE-2021-3449
An OpenSSL TLS server may crash if sent a maliciously crafted renegotiation ClientHello message from a client. If a TLSv1.2 renegotiation ClientHello omits the signature_algorithms extension (where it was present in the initial ClientHello), but includes a signature_algorithms_cert extension then a NULL pointer dereference will result, leading to a crash and a denial of service attack. A server is only vulnerable if it has TLSv1.2 and renegotiation enabled (which is the default configuration). OpenSSL TLS clients are not impacted by this issue. All OpenSSL 1.1.1 versions are affected by this issue. • http://www.openwall.com/lists/oss-security/2021/03/27/1 http://www.openwall.com/lists/oss-security/2021/03/27/2 http://www.openwall.com/lists/oss-security/2021/03/28/3 http://www.openwall.com/lists/oss-security/2021/03/28/4 https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf https://cert-portal.siemens.com/productcert/pdf/ssa-772220.pdf https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=fb9fa6b51defd48157eeb207f52181f735d96148 https://kb.pulse • CWE-476: NULL Pointer Dereference •