CVE-2019-15880

In FreeBSD 12.1-STABLE before r356911, and 12.1-RELEASE before p5, insufficient checking in the cryptodev module allocated the size of a kernel buffer based on a user-supplied length allowing an unprivileged process to trigger a kernel panic...

Denial Of Service (DoS)

kernel is vulnerable to denial of service. A null pointer dereference while receiving CIPSO packet with null category may cause kernel panic...

PT-2020-3072

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: The issue is related to a buffer overflow in the Direct IO function of the Linux kernel, which can be exploited to gain unauthorized access to protected information or cause a denial o...

FreeBSD : FreeBSD -- Improper checking in SCTP-AUTH shared key update (253486f5-947d-11ea-92ab-00163e433440)

The SCTP layer does improper checking when an application tries to update a shared key. Therefore an unprivileged local user can trigger a use-after- free situation, for example by specific sequences of updating shared keys and closing the SCTP association. Impact : Triggering the use-after-free...

FreeBSD : FreeBSD -- Insufficient cryptodev MAC key length check (0bfcae0b-947f-11ea-92ab-00163e433440)

Requests to create cryptography sessions using a MAC did not validate the user-supplied MAC key length. The cryptodev module allocates a buffer whose size is this user-suppled length. Impact : An unprivileged process can trigger a kernel panic. C Tenable Network Security, Inc. The descriptive tex...

Important: Red Hat Security Advisory: kernel security update

An update for kernel is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from th...

CVE-2020-12769

A flaw was found in the Linux kernel. A kernel panic can occur when concurrent calls to dwspiirq and dwspitransferone are made. The highest threat from this vulnerability is to system availability. Mitigation Mitigation for this issue is either not available or the currently available options don...

FreeBSD-SA-20:16.cryptodev

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 ============================================================================= FreeBSD-SA-20:16.cryptodev Security Advisory The FreeBSD Project Topic: Insufficient cryptodev MAC key length check Category: core Module: cryptodev Announced: 2020-05-12...

RHEL 6 : kernel (RHSA-2020:2103)

The remote Redhat Enterprise Linux 6 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2020:2103 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: Kernel: NetLabel: null pointer dereference whil...

CVE-2019-15874

In FreeBSD 12.1-STABLE before r356035, 12.1-RELEASE before 12.1-RELEASE-p4, 11.3-STABLE before r356036, and 11.3-RELEASE before 11.3-RELEASE-p8, incomplete packet data validation may result in memory access after it has been freed leading to a kernel panic or other unpredictable results...

CVE-2019-5614

In FreeBSD 12.1-STABLE before r356035, 12.1-RELEASE before 12.1-RELEASE-p4, 11.3-STABLE before r356036, and 11.3-RELEASE before 11.3-RELEASE-p8, incomplete packet data validation may result in accessing out-of-bounds memory leading to a kernel panic or other unpredictable results...

CVE-2019-5614

In FreeBSD 12.1-STABLE before r356035, 12.1-RELEASE before 12.1-RELEASE-p4, 11.3-STABLE before r356036, and 11.3-RELEASE before 11.3-RELEASE-p8, incomplete packet data validation may result in accessing out-of-bounds memory leading to a kernel panic or other unpredictable results...

CVE-2019-15874

In FreeBSD 12.1-STABLE before r356035, 12.1-RELEASE before 12.1-RELEASE-p4, 11.3-STABLE before r356036, and 11.3-RELEASE before 11.3-RELEASE-p8, incomplete packet data validation may result in memory access after it has been freed leading to a kernel panic or other unpredictable results...

Out-of-bounds

In FreeBSD 12.1-STABLE before r356035, 12.1-RELEASE before 12.1-RELEASE-p4, 11.3-STABLE before r356036, and 11.3-RELEASE before 11.3-RELEASE-p8, incomplete packet data validation may result in accessing out-of-bounds memory leading to a kernel panic or other unpredictable results...

CVE-2019-5614

CVE-2019-5614 affects FreeBSD ipfw, where incomplete packet data validation can cause out-of-bounds memory access, leading to kernel panics or other unpredictable results. Affects FreeBSD 12.1-STABLE before r356035 and 12.1-RELEASE before 12.1-RELEASE-p4, and 11.3-STABLE before r356036 and 11.3-R...

CVE-2019-5614

In FreeBSD 12.1-STABLE before r356035, 12.1-RELEASE before 12.1-RELEASE-p4, 11.3-STABLE before r356036, and 11.3-RELEASE before 11.3-RELEASE-p8, incomplete packet data validation may result in accessing out-of-bounds memory leading to a kernel panic or other unpredictable results...

CVE-2019-5614

Removed by vendor...

CVE-2019-15874

The CVE-2019-15874 issue affects FreeBSD ipfw in 11.x/12.x where incomplete packet data validation may cause memory access after it has been freed, leading to kernel panics or other unpredictable results. Affected are FreeBSD 12.1-STABLE before r356035 and 12.1-RELEASE before 12.1-RELEASE-p4, and...

CVE-2019-15874

In FreeBSD 12.1-STABLE before r356035, 12.1-RELEASE before 12.1-RELEASE-p4, 11.3-STABLE before r356036, and 11.3-RELEASE before 11.3-RELEASE-p8, incomplete packet data validation may result in memory access after it has been freed leading to a kernel panic or other unpredictable results...

kernel: use-after-free in function __mdiobus_register() in drivers/net/phy/mdio_bus.c

A use-after-free flaw was found in the Linux kernel's MDIO section of the network management subsystem. An attacker who is able to hot-plug a network device can trigger the mdiobusregister function in drivers/net/phy/mdiobus.c, which can cause a use-after-free condition causing a memory corruptio...