13 matches found
CVE-2015-5675
Removed by vendor...
CVE-2016-1883
The issetugid system call in the Linux compatibility layer in FreeBSD 9.3, 10.1, and 10.2 allows local users to gain privilege via unspecified vectors...
Code injection
The Linux compatibility layer in the kernel in FreeBSD 9.3, 10.1, and 10.2 allows local users to read portions of kernel memory and potentially gain privilege via unspecified vectors, related to "handling of Linux futex robust lists."...
CVE-2016-1880
CVE-2016-1880 concerns FreeBSD’s Linux binary compatibility layer. The issue arises from a programming error in handling Linux futex robust lists, potentially allowing a local user to read portions of kernel memory and escalate privileges on affected systems. Affected: FreeBSD versions with Linux...
FreeBSD-SA-16:22.libarchive
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 ============================================================================= FreeBSD-SA-16:22.libarchive Security Advisory The FreeBSD Project Topic: Directory traversal in cpio1 Category: contrib Module: libarchive Announced: 2016-05-31 Credits:...
Integer overflow
Integer signedness error in the genkbdcommonioctl function in sys/dev/kbd/kbd.c in FreeBSD 9.3 before p42, 10.1 before p34, 10.2 before p17, and 10.3 before p3 allows local users to obtain sensitive information from kernel memory, cause a denial of service memory overwrite and kernel crash, or ga...
CVE-2016-1886
Removed by vendor...
CVE-2016-1885
Integer signedness error in the amd64setldt function in sys/amd64/amd64/sysmachdep.c in FreeBSD 9.3 before p39, 10.1 before p31, and 10.2 before p14 allows local users to cause a denial of service kernel panic via an i386setldt system call, which triggers a heap-based buffer overflow...
Integer overflow
Integer signedness error in the amd64setldt function in sys/amd64/amd64/sysmachdep.c in FreeBSD 9.3 before p39, 10.1 before p31, and 10.2 before p14 allows local users to cause a denial of service kernel panic via an i386setldt system call, which triggers a heap-based buffer overflow...
CVE-2014-0998
Integer signedness error in the vt console driver formerly Newcons in FreeBSD 9.3 before p10 and 10.1 before p6 allows local users to cause a denial of service crash and possibly gain privileges via a negative value in a VTWAITACTIVE ioctl call, which triggers an array index error and out-of-boun...
CVE-2014-8612
Multiple array index errors in the Stream Control Transmission Protocol SCTP module in FreeBSD 10.1 before p5, 10.0 before p17, 9.3 before p9, and 8.4 before p23 allow local users to 1 gain privileges via the stream id to the setsockopt function, when setting the SCTIPSSVALUE option, or 2 read...
CVE-2014-0998
Integer signedness error in the vt console driver formerly Newcons in FreeBSD 9.3 before p10 and 10.1 before p6 allows local users to cause a denial of service crash and possibly gain privileges via a negative value in a VTWAITACTIVE ioctl call, which triggers an array index error and out-of-boun...
FreeBSD-SA-14:13.pam
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 ============================================================================= FreeBSD-SA-14:13.pam Security Advisory The FreeBSD Project Topic: Incorrect error handling in PAM policy parser Category: contrib Module: pam Announced: 2014-06-03 Credits...