19 matches found
CVE-2015-5675
Removed by vendor...
Code injection
The Linux compatibility layer in the kernel in FreeBSD 9.3, 10.1, and 10.2 allows local users to read portions of kernel memory and potentially gain privilege via unspecified vectors, related to "handling of Linux futex robust lists."...
CVE-2016-1883
The issetugid system call in the Linux compatibility layer in FreeBSD 9.3, 10.1, and 10.2 allows local users to gain privilege via unspecified vectors...
CVE-2016-1880
CVE-2016-1880 concerns FreeBSD’s Linux binary compatibility layer. The issue arises from a programming error in handling Linux futex robust lists, potentially allowing a local user to read portions of kernel memory and escalate privileges on affected systems. Affected: FreeBSD versions with Linux...
Juniper Networks Junos OS libc Vulnerability
Junos OS is prone to a vulnerability in libc. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/o:juniper:junos"; if description...
FreeBSD-SA-16:22.libarchive
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 ============================================================================= FreeBSD-SA-16:22.libarchive Security Advisory The FreeBSD Project Topic: Directory traversal in cpio1 Category: contrib Module: libarchive Announced: 2016-05-31 Credits:...
Integer overflow
Integer signedness error in the genkbdcommonioctl function in sys/dev/kbd/kbd.c in FreeBSD 9.3 before p42, 10.1 before p34, 10.2 before p17, and 10.3 before p3 allows local users to obtain sensitive information from kernel memory, cause a denial of service memory overwrite and kernel crash, or ga...
CVE-2016-1887
Integer signedness error in the sockargs function in sys/kern/uipcsyscalls.c in FreeBSD 10.1 before p34, 10.2 before p17, and 10.3 before p3 allows local users to cause a denial of service memory overwrite and kernel panic or gain privileges via a negative buflen argument, which triggers a...
CVE-2016-1886
Removed by vendor...
CVE-2016-1885
Integer signedness error in the amd64setldt function in sys/amd64/amd64/sysmachdep.c in FreeBSD 9.3 before p39, 10.1 before p31, and 10.2 before p14 allows local users to cause a denial of service kernel panic via an i386setldt system call, which triggers a heap-based buffer overflow...
Integer overflow
Integer signedness error in the amd64setldt function in sys/amd64/amd64/sysmachdep.c in FreeBSD 9.3 before p39, 10.1 before p31, and 10.2 before p14 allows local users to cause a denial of service kernel panic via an i386setldt system call, which triggers a heap-based buffer overflow...
Heap overflow
The sflush function in fflush.c in stdio in libc in FreeBSD 10.1 and the kernel in Apple iOS before 9 mishandles failures of the write system call, which allows context-dependent attackers to execute arbitrary code or cause a denial of service heap-based buffer overflow via a crafted application...
CVE-2014-0998
Integer signedness error in the vt console driver formerly Newcons in FreeBSD 9.3 before p10 and 10.1 before p6 allows local users to cause a denial of service crash and possibly gain privileges via a negative value in a VTWAITACTIVE ioctl call, which triggers an array index error and out-of-boun...
Null pointer dereference
The sctp module in FreeBSD 10.1 before p5, 10.0 before p17, 9.3 before p9, and 8.4 before p23 allows remote attackers to cause a denial of service NULL pointer dereference and kernel panic via a crafted RECONFIG chunk...
CVE-2014-8612
Multiple array index errors in the Stream Control Transmission Protocol SCTP module in FreeBSD 10.1 before p5, 10.0 before p17, 9.3 before p9, and 8.4 before p23 allow local users to 1 gain privileges via the stream id to the setsockopt function, when setting the SCTIPSSVALUE option, or 2 read...
CVE-2014-0998
Integer signedness error in the vt console driver formerly Newcons in FreeBSD 9.3 before p10 and 10.1 before p6 allows local users to cause a denial of service crash and possibly gain privileges via a negative value in a VTWAITACTIVE ioctl call, which triggers an array index error and out-of-boun...
FreeBSD-SA-14:27.stdio
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 ============================================================================= FreeBSD-SA-14:27.stdio Security Advisory The FreeBSD Project Topic: Buffer overflow in stdio Category: core Module: libc Announced: 2014-12-10 Credits: Adrian Chadd and...
CVE-2014-3711
namei in FreeBSD 9.1 through 10.1-RC2 allows remote attackers to cause a denial of service memory exhaustion via vectors that trigger a sandboxed process to look up a large number of nonexistent path names...
CVE-2014-3955
routed in FreeBSD 8.4 through 10.1-RC2 allows remote attackers to cause a denial of service assertion failure and daemon exit via an RIP request from a source not on a directly connected network...