EUVD-2013-3730

Malware in sbrugna...

EUVD-2015-2708

Malware in sbrugna...

EUVD-2022-28190

Malicious code in bioql PyPI...

CVE-2022-23085

A user-provided integer option was passed to nmreqcopyin without checking if it would overflow. This insufficient bounds checking could lead to kernel memory corruption. On systems configured to include netmap in their devfsruleset, a privileged process running in a jail can affect the host...

CVE-2022-23084

The total size of the user-provided nmreq to nmreqcopyin was first computed and then trusted during the copyin. This time-of-check to time-of-use bug could lead to kernel memory corruption. On systems configured to include netmap in their devfsruleset, a privileged process running in a jail can...

PT-2022-6217 · Freebsd · Freebsd

Name of the Vulnerable Software and Affected Versions: FreeBSD affected versions not specified Description: The issue is caused by an integer overflow in the nmreq copyin function of the netmap component. This insufficient bounds checking could lead to kernel memory corruption. On systems...

FreeBSD : FreeBSD -- jail_remove(2) fails to kill all jailed processes (31ad2f10-7711-11eb-b87a-901b0ef719ab)

Due to a race condition in the jailremove2 implementation, it may fail to kill some of the processes. Impact : A process running inside a jail can avoid being killed during jail termination. If a jail is subsequently started with the same root path, a lingering jailed process may be able to explo...

Solaris 10 (x86) : 128492-01

SunOS 5.10x86: devfs patch. Date this patch was last updated by Sun : Nov/28/07 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text in this plugin was extracted from the Oracle SunOS Patch Updates. include'deprecatednasllevel.inc'; include'compat.inc'; if description...

Solaris 10 (sparc) : 128491-01

SunOS 5.10: devfs patch. Date this patch was last updated by Sun : Nov/28/07 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text in this plugin was extracted from the Oracle SunOS Patch Updates. include'deprecatednasllevel.inc'; include'compat.inc'; if description...

FreeBSD : FreeBSD -- devfs rules not applied by default for jails (6b6ca5b6-6007-11e6-a6c3-14dae9d210b8)

The default devfs rulesets are not loaded on boot, even when jails are used. Device nodes will be created in the jail with their normal default access permissions, while most of them should be hidden and inaccessible. Impact : Jailed processes can get access to restricted resources on the host...

CVE-2015-2616

Unspecified vulnerability in Oracle Sun Solaris 3.3 and 4.2 allows local users to affect availability via unknown vectors related to DevFS...

Design/Logic Flaw

Unspecified vulnerability in Oracle Sun Solaris 3.3 and 4.2 allows local users to affect availability via unknown vectors related to DevFS...

CVE-2015-2616

Unspecified vulnerability in Oracle Sun Solaris 3.3 and 4.2 allows local users to affect availability via unknown vectors related to DevFS...

CVE-2015-2616

CVE-2015-2616 : The connected CNVD entry describes an Oracle Solaris cluster issue within the DevFS component that could be exploited by a local attacker to crash the system, i.e., a Denial of Service. The Solaris Platform (Oracle Solaris Cluster DevFS) is the affected area; no details on vulnera...

Oracle Solaris Critical Patch Update : july2013_SRU11_1_9_5_1

This Solaris system is missing necessary patches to address critical security updates : - Vulnerability in the Solaris component of Oracle and Sun Systems Products Suite subcomponent: Driver/IDM iSCSI Data Mover. The supported version that is affected is 11. Easily exploitable vulnerability allow...

CVE-2014-3001

FreeBSD devfs: For FreeBSD 10.0 up to patch p2, default devfs rulesets are not loaded on boot, causing device nodes to be created in jails with normal default permissions. This enables jailed processes to access restricted host devices and could lead to information leakage or privilege escalation...

FreeBSD Security Advisory FreeBSD-SA-14:07.devfs

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 ============================================================================= FreeBSD-SA-14:07.devfs Security Advisory The FreeBSD Project Topic: devfs rules not applied by default for jails Category: core Module: etcrc.d Announced: 2014-04-30...

FreeBSD devfs protection bypass

Jailed processes are not restricted in devfs access...

FreeBSD-SA-14:07.devfs

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 ============================================================================= FreeBSD-SA-14:07.devfs Security Advisory The FreeBSD Project Topic: devfs rules not applied by default for jails Category: core Module: etcrc.d Announced: 2014-04-30...

FreeBSD -- devfs rules not applied by default for jails

Problem Description: The default devfs rulesets are not loaded on boot, even when jails are used. Device nodes will be created in the jail with their normal default access permissions, while most of them should be hidden and inaccessible. Impact: Jailed processes can get access to restricted...