FreeBSD : FreeBSD -- System call kernel data register leak (683c714d-2d91-11e9-bf3e-a4badb2f4699)

The callee-save registers are used by kernel and for some of them %r8, %r10, and for non-PTI configurations, %r9 the content is not sanitized before return from syscalls, potentially leaking sensitive information. Impact : Typically an address of some kernel data structure used in the syscall...

FreeBSD -- System call kernel data register leak

Problem Description: The callee-save registers are used by kernel and for some of them %r8, %r10, and for non-PTI configurations, %r9 the content is not sanitized before return from syscalls, potentially leaking sensitive information. Impact: Typically an address of some kernel data structure use...

CVE-2018-8565

An information disclosure vulnerability exists when the win32k component improperly provides kernel information, aka "Win32k Information Disclosure Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2012, Windows 8.1, Windows Server...

FreeBSD Information Disclosure Vulnerability (CNVD-2020-38781)

FreeBSD is a set of Unix-like free operating systems in the FreeBSD project, headed by the Core Team team, and is an important branch of Unix-like systems that have evolved through BSD, 386BSD, and 4.4BSD. A security vulnerability exists in FreeBSD. A local attacker can exploit this vulnerability...

CVE-2018-17155

In FreeBSD before 11.2-STABLEr338983, 11.2-RELEASE-p4, 11.1-RELEASE-p15, 10.4-STABLEr338984, and 10.4-RELEASE-p13, due to insufficient initialization of memory copied to userland in the getcontext and swapcontext system calls, small amounts of kernel memory may be disclosed to userland processes...

Authorization

In FreeBSD before 11.2-STABLEr338983, 11.2-RELEASE-p4, 11.1-RELEASE-p15, 10.4-STABLEr338984, and 10.4-RELEASE-p13, due to insufficient initialization of memory copied to userland in the getcontext and swapcontext system calls, small amounts of kernel memory may be disclosed to userland processes...

CVE-2018-17155

In FreeBSD before 11.2-STABLEr338983, 11.2-RELEASE-p4, 11.1-RELEASE-p15, 10.4-STABLEr338984, and 10.4-RELEASE-p13, due to insufficient initialization of memory copied to userland in the getcontext and swapcontext system calls, small amounts of kernel memory may be disclosed to userland processes...

CVE-2018-17155

Removed by vendor...

UBUNTU-CVE-2017-7558

A kernel data leak due to an out-of-bound read was found in the Linux kernel in inetdiagmsgsctp,laddrfill and sctpgetsctpinfo functions present since version 4.7-rc1 through version 4.13. A data leak happens when these functions fill in sockaddr data structures used to export socket's diagnostic...

Design/Logic Flaw

A kernel data leak due to an out-of-bound read was found in the Linux kernel in inetdiagmsgsctp,laddrfill and sctpgetsctpinfo functions present since version 4.7-rc1 through version 4.13. A data leak happens when these functions fill in sockaddr data structures used to export socket's diagnostic...

CVE-2017-7558

A kernel data leak due to an out-of-bound read was found in the Linux kernel in inetdiagmsgsctp,laddrfill and sctpgetsctpinfo functions present since version 4.7-rc1 through version 4.13. A data leak happens when these functions fill in sockaddr data structures used to export socket's diagnostic...

FreeBSD Information Disclosure Vulnerability (CNVD-2018-09247)

FreeBSD is a set of Unix-like free operating systems in the FreeBSD project, headed by the Core Team team, and is an important branch of Unix-like systems that have evolved through BSD, 386BSD, and 4.4BSD. A security vulnerability exists in FreeBSD versions prior to 11.1-STABLE r332066 and prior ...

Design/Logic Flaw

In FreeBSD before 11.1-STABLEr332066 and 11.1-RELEASE-p10, due to insufficient initialization of memory copied to userland in the network subsystem, small amounts of kernel memory may be disclosed to userland processes. Unprivileged authenticated local users may be able to access small amounts of...

CVE-2018-6920

In FreeBSD before 11.1-STABLEr332303, 11.1-RELEASE-p10, 10.4-STABLEr332321, and 10.4-RELEASE-p9, due to insufficient initialization of memory copied to userland in the Linux subsystem and Atheros wireless driver, small amounts of kernel memory may be disclosed to userland processes. Unprivileged...

Design/Logic Flaw

In FreeBSD before 11.1-STABLEr332303, 11.1-RELEASE-p10, 10.4-STABLEr332321, and 10.4-RELEASE-p9, due to insufficient initialization of memory copied to userland in the Linux subsystem and Atheros wireless driver, small amounts of kernel memory may be disclosed to userland processes. Unprivileged...

CVE-2018-6921

In FreeBSD before 11.1-STABLEr332066 and 11.1-RELEASE-p10, due to insufficient initialization of memory copied to userland in the network subsystem, small amounts of kernel memory may be disclosed to userland processes. Unprivileged authenticated local users may be able to access small amounts of...

FreeBSD Integer Overflow Vulnerability

FreeBSD is a set of Unix-like free operating systems in the FreeBSD project, headed by the Core Team team, and is an important branch of Unix-like systems that have evolved through BSD, 386BSD, and 4.4BSD. An integer overflow vulnerability exists in FreeBSD, which stems from the program's failure...

FreeBSD Local Information Disclosure Vulnerability (CNVD-2018-08818)

FreeBSD is a set of Unix-like free operating systems in the FreeBSD project, headed by the Core Team team, and is an important branch of Unix-like systems that have evolved through BSD, 386BSD, and 4.4BSD. A security vulnerability exists in FreeBSD that stems from a program's failure to adequatel...

CVE-2018-6919

In FreeBSD before 11.1-STABLE, 11.1-RELEASE-p9, 10.4-STABLE, 10.4-RELEASE-p8 and 10.3-RELEASE-p28, due to insufficient initialization of memory copied to userland, small amounts of kernel memory may be disclosed to userland processes. Unprivileged users may be able to access small amounts...

CVE-2018-6919

Removed by vendor...