CVSS: 5.3EPSS: 0%CPEs: 10EXPL: 0CVE-2020-7451
https://notcve.org/view.php?id=CVE-2020-7451
In FreeBSD 12.1-STABLE before r358739, 12.1-RELEASE before 12.1-RELEASE-p3, 11.3-STABLE before r358740, and 11.3-RELEASE before 11.3-RELEASE-p7, a TCP SYN-ACK or challenge TCP-ACK segment over IPv6 that is transmitted or retransmitted does not properly initialize the Traffic Class field disclosing one byte of kernel memory over the network. En FreeBSD versiones 12.1-2.1-STABLE anteriores a r358739, versiones 12.1-RELEASE anteriores a 12.1-RELEASE-p3, versiones 11.3-STABLE anteriores a r358740, y versiones 11.3-RELEASE anteriores a 11.3-RELEASE-p7, un segmento de TCP SYN-ACK o de desafío TCP-ACK sobre IPv6 que es transmitido o retransmitido no inicializa apropiadamente el campo Traffic Class que revela un byte de memoria del kernel por medio de la red. • https://security.FreeBSD.org/advisories/FreeBSD-SA-20:04.tcp.asc • CWE-908: Use of Uninitialized Resource •
CVSS: 5.5EPSS: 0%CPEs: 10EXPL: 0CVE-2019-15876
https://notcve.org/view.php?id=CVE-2019-15876
In FreeBSD 12.1-STABLE before r356089, 12.1-RELEASE before 12.1-RELEASE-p3, 11.3-STABLE before r356090, and 11.3-RELEASE before 11.3-RELEASE-p7, driver specific ioctl command handlers in the oce network driver failed to check whether the caller has sufficient privileges allowing unprivileged users to send passthrough commands to the device firmware. En FreeBSD versiones 12.1-STABLE anteriores a r356089, versiones 12.1-RELEASE anteriores a 12.1-RELEASE-p3, versiones 11.3-STABLE anteriores a r356090 y versiones 11.3-RELEASE anteriores a 11.3-RELEASE-p7, los manejadores del comando ioctl específico del controlador en el controlador de red oce presentaron un fallo al comprobar si él que llama tiene suficientes privilegios que permite a los usuarios no privilegiados enviar comandos passthrough al firmware del dispositivo. • https://security.FreeBSD.org/advisories/FreeBSD-SA-20:05.if_oce_ioctl.asc • CWE-862: Missing Authorization •
CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 0CVE-2019-15877
https://notcve.org/view.php?id=CVE-2019-15877
In FreeBSD 12.1-STABLE before r356606 and 12.1-RELEASE before 12.1-RELEASE-p3, driver specific ioctl command handlers in the ixl network driver failed to check whether the caller has sufficient privileges allowing unprivileged users to trigger updates to the device's non-volatile memory. En FreeBSD versiones 12.1-STABLE anteriores a r356606 y versiones 12.1-RELEASE anteriores a 12.1-RELEASE-p3, los manejadores del comando ioctl específico del controlador en el controlador de red ixl presentaron un fallo al comprobar si él que llama tiene suficientes privilegios que permite a los usuarios no privilegiados activar actualizaciones en la memoria no volátil del dispositivo . • https://security.FreeBSD.org/advisories/FreeBSD-SA-20:06.if_ixl_ioctl.asc • CWE-862: Missing Authorization •
CVSS: 7.5EPSS: 8%CPEs: 38EXPL: 1CVE-2020-1967 – Segmentation fault in SSL_check_chain
https://notcve.org/view.php?id=CVE-2020-1967
Server or client applications that call the SSL_check_chain() function during or after a TLS 1.3 handshake may crash due to a NULL pointer dereference as a result of incorrect handling of the "signature_algorithms_cert" TLS extension. The crash occurs if an invalid or unrecognised signature algorithm is received from the peer. This could be exploited by a malicious peer in a Denial of Service attack. OpenSSL version 1.1.1d, 1.1.1e, and 1.1.1f are affected by this issue. This issue did not affect OpenSSL versions prior to 1.1.1d. • https://github.com/irsl/CVE-2020-1967 http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00004.html http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00011.html http://packetstormsecurity.com/files/157527/OpenSSL-signature_algorithms_cert-Denial-Of-Service.html http://seclists.org/fulldisclosure/2020/May/5 http://www.openwall.com/lists/oss-security/2020/04/22/2 https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=eb563247aef3e83dda7679c43f9649270462e5b1 https:/&# • CWE-476: NULL Pointer Dereference •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2020-10565
https://notcve.org/view.php?id=CVE-2020-10565
grub2-bhyve, as used in FreeBSD bhyve before revision 525916 2020-02-12, does not validate the address provided as part of a memrw command (read_* or write_*) by a guest through a grub2.cfg file. This allows an untrusted guest to perform arbitrary read or write operations in the context of the grub-bhyve process, resulting in code execution as root on the host OS. grub2-bhyve, como es usado en FreeBSD bhyve anterior a revisión 525916 12-02-2020, no comprueba la dirección proporcionada como parte de un comando memrw (read_* o write_*) por parte de un invitado mediante un archivo grub2.cfg. Esto permite a un invitado no confiable llevar a cabo operaciones de lectura o escritura arbitrarias en el contexto del proceso de grub-bhyve, resultando en una ejecución de código de tipo root en el Sistema Operativo host. • https://svnweb.freebsd.org/ports?view=revision&revision=525916 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •