4 matches found
CVE-2014-8612
Multiple array index errors in the Stream Control Transmission Protocol SCTP module in FreeBSD 10.1 before p5, 10.0 before p17, 9.3 before p9, and 8.4 before p23 allow local users to 1 gain privileges via the stream id to the setsockopt function, when setting the SCTIPSSVALUE option, or 2 read...
CVE-2014-8612
CVE-2014-8612 corresponds to multiple FreeBSD kernel SCTP issues. The SCTP_SS_VALUE path allows a local attacker to craft an out-of-bounds stream_id index into stcb->asoc.strmout, enabling 16-bit kernel memory write (memory corruption) and, via the function pointer path, arbitrary write of a 1...
CVE-2014-8612
creationtimestamp| type| source ---|---|--- 2015-01-29 00:00:00+00:00| confirmed| https://www.exploit-db.com/exploits/35938...
FreeBSD Kernel Multiple Vulnerabilities
1. Advisory Information Title: FreeBSD Kernel Multiple Vulnerabilities Advisory ID: CORE-2015-0003 Advisory URL: www.coresecurity.com/core-labs/advisories/freebsd-kernel-multiple-vulnerabilities Date published: 2015-01-27 Date of last update: 2015-01-27 Vendors contacted: FreeBSD Release mode:...