17 matches found
CVE-2026-45255
When bsdinstall or bsdconfig are prompted to scan for nearby Wi-Fi networks, they build up a list of network names and use bsddialog(1) to prompt the user to select a network. This is implemented using a shell script, and the code which handled network names was not careful to prevent expansion by...
CVE-2026-45255 Remote code execution via installer Wi-Fi access point scans
When bsdinstall or bsdconfig are prompted to scan for nearby Wi-Fi networks, they build up a list of network names and use bsddialog(1) to prompt the user to select a network. This is implemented using a shell script, and the code which handled network names was not careful to prevent expansion by...
CVE-2026-45255
CVE-2026-45255 affects the BSD installer/config tooling (bsdinstall/bsdconfig). During Wi‑Fi network scans, code builds a list of network names and prompts the user with bsddialog(1). The shell script handling network names does not sanitize shell expansion, allowing a crafted SSID to execute com...
CVE-2026-45255 Remote code execution via installer Wi-Fi access point scans
When bsdinstall or bsdconfig are prompted to scan for nearby Wi-Fi networks, they build up a list of network names and use bsddialog(1) to prompt the user to select a network. This is implemented using a shell script, and the code which handled network names was not careful to prevent expansion by...
CVE-2026-45255
When bsdinstall or bsdconfig are prompted to scan for nearby Wi-Fi networks, they build up a list of network names and use bsddialog(1) to prompt the user to select a network. This is implemented using a shell script, and the code which handled network names was not careful to prevent expansion by...
EUVD-2026-31263
When bsdinstall or bsdconfig are prompted to scan for nearby Wi-Fi networks, they build up a list of network names and use bsddialog(1) to prompt the user to select a network. This is implemented using a shell script, and the code which handled network names was not careful to prevent expansion by...
FreeBSD Security Advisory - FreeBSD-SA-26:23.bsdinstall
FreeBSD Security Advisory - When bsdinstall or bsdconfig are prompted to scan for nearby Wi-Fi networks, they build up a list of network names and use bsddialog(1) to prompt the user to select a network. This is implemented using a shell script, and the code which handled network names was not...
PT-2026-42398
Name of the Vulnerable Software and Affected Versions: FreeBSD versions 14.x. Description: A stack buffer overflow exists in the setcred(2) system call. The issue occurs because a user-supplied list of supplementary groups is copied into a fixed-size kernel stack buffer before the privilege level of t...
FreeBSD-SA-26:23.bsdinstall
FreeBSD-SA-26:23.bsdinstall Security Advisory, The FreeBSD Project. Topic: Remote code execution via installer Wi-Fi access point scans. Category: core. Module: bsdinstall...
FreeBSD -- Remote code execution via installer Wi-Fi access point scans
Problem Description: When bsdinstall or bsdconfig are prompted to scan for nearby Wi-Fi networks, they build up a list of network names and use bsddialog(1) to prompt the user to select a network. This is implemented using a shell script, and the code which handled network names was not careful to...
FreeBSD : FreeBSD -- Insecure default GELI keyfile permissions (0b65f297-600a-11e6-a6c3-14dae9d210b8)
The default permission set by bsdinstall(8) installer when configuring full disk encrypted ZFS is too open. Impact: A local attacker may be able to get a copy of the geli(8) provider's keyfile which is located at a fixed location.
Design/Logic Flaw
The bsdinstall installer in FreeBSD 10.x before 10.1 p9, when configuring full disk encrypted ZFS, uses world-readable permissions for the GELI keyfile /boot/encryption.key, which allows local users to obtain sensitive key information by reading the file...
CVE-2015-1415
The bsdinstall installer in FreeBSD 10.x before 10.1 p9, when configuring full disk encrypted ZFS, uses world-readable permissions for the GELI keyfile /boot/encryption.key, which allows local users to obtain sensitive key information by reading the file...
CVE-2015-1415
FreeBSD 10.x installations using the bsdinstall installer with full-disk encrypted ZFS store the GELI master key in /boot/encryption.key with permissions 0644, exposing the key to local users. Root cause: default keyfile permissions are too open (world-readable) instead of 0600. Impact: local att...
FreeBSD Security Advisory FreeBSD-SA-15:08.bsdinstall
FreeBSD-SA-15:08.bsdinstall Security Advisory, The FreeBSD Project. Topic: Insecure default GELI keyfile permissions. Category: core. Module: bsdinstall. Announced: 2015-04-07...
FreeBSD-SA-15:08.bsdinstall
FreeBSD-SA-15:08.bsdinstall Security Advisory, The FreeBSD Project. Topic: Insecure default GELI keyfile permissions. Category: core. Module: bsdinstall. Announced: 2015-04-07...
FreeBSD -- Insecure default GELI keyfile permissions
Problem Description: The default permission set by bsdinstall(8) installer when configuring full disk encrypted ZFS is too open. Impact: A local attacker may be able to get a copy of the geli(8) provider's keyfile which is located at a fixed location...