13 matches found
EUVD-2022-28197
Malicious code in bioql PyPI...
EUVD-2024-48983
Malicious code in bioql PyPI...
CVE-2024-8158
A bug in the 9p authentication implementation within lib9p allows an attacker with an existing valid user within the configured auth server to impersonate any other valid filesystem user. This is due to lib9p not properly verifying that the uname given in the Tauth and Tattach 9p messages matches...
CVE-2024-8158
CVE-2024-8158 involves a bug in the lib9p 9p authentication implementation that can allow an attacker with a valid user to impersonate another filesystem user. The issue stems from lib9p not consistently verifying that the uname in Tauth/Tattach messages matches the client UID returned by the fac...
CVE-2022-23092
The implementation of lib9p's handling of RWALK messages was missing a bounds check needed when unpacking the message contents. The missing check means that the receipt of a specially crafted message will cause lib9p to overwrite unrelated memory. The bug can be triggered by a malicious bhyve gue...
CVE-2022-23092
The implementation of lib9p's handling of RWALK messages was missing a bounds check needed when unpacking the message contents. The missing check means that the receipt of a specially crafted message will cause lib9p to overwrite unrelated memory. The bug can be triggered by a malicious bhyve gue...
Out-of-bounds
The implementation of lib9p's handling of RWALK messages was missing a bounds check needed when unpacking the message contents. The missing check means that the receipt of a specially crafted message will cause lib9p to overwrite unrelated memory. The bug can be triggered by a malicious bhyve gue...
CVE-2022-23092 Missing bounds check in 9p message handling
The implementation of lib9p's handling of RWALK messages was missing a bounds check needed when unpacking the message contents. The missing check means that the receipt of a specially crafted message will cause lib9p to overwrite unrelated memory. The bug can be triggered by a malicious bhyve gue...
CVE-2022-23092 Missing bounds check in 9p message handling
The implementation of lib9p's handling of RWALK messages was missing a bounds check needed when unpacking the message contents. The missing check means that the receipt of a specially crafted message will cause lib9p to overwrite unrelated memory. The bug can be triggered by a malicious bhyve gue...
CVE-2022-23092
The CVE-2022-23092 issue affects lib9p’s handling of RWALK messages. A missing bounds check during unpacking can cause a crafted RWALK message to overwrite memory, with the attack path via a malicious bhyve guest kernel potentially affecting the bhyve(8) process and, subject to Capsicum sandboxin...
FreeBSD : FreeBSD -- Missing bounds check in 9p message handling (8eaaf135-1893-11ed-9b22-002590c1f29c)
The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the 8eaaf135-1893-11ed-9b22-002590c1f29c advisory. - The implementation of lib9p's handling of RWALK messages was missing a bounds check needed when...
FreeBSD-SA-22:12.lib9p
FreeBSD-SA-22:12.lib9p Security Advisory, The FreeBSD Project. Topic: Missing bounds check in 9p message handling; Category: contrib; Module: lib9p; Announced: 2022-08-09...
FreeBSD -- Missing bounds check in 9p message handling
Problem Description: The implementation of lib9p's handling of RWALK messages was missing a bounds check needed when unpacking the message contents. The missing check means that the receipt of a specially crafted message will cause lib9p to overwrite unrelated memory. Impact: The bug can be...