freebsd freebsd 10.4 vulnerabilities and exploits

(subscribe to this query)

In FreeBSD prior to 11.1-STABLE, 11.1-RELEASE-p7, 10.4-STABLE, 10.4-RELEASE-p7, and 10.3-RELEASE-p28, the kernel does not properly validate IPsec packets coming from a trusted host. Additionally, a use-after-free vulnerability exists in the IPsec AH handling code. This issue coul...

Freebsd Freebsd 10.3 Freebsd Freebsd 10.4 Freebsd Freebsd

In FreeBSD prior to 11.1-STABLE, 11.2-RELEASE-p3, 11.1-RELEASE-p14, 10.4-STABLE, and 10.4-RELEASE-p12, insufficient validation in the ELF header parser could allow a malicious ELF binary to cause a kernel crash or disclose kernel memory.

Freebsd Freebsd 11.2 Freebsd Freebsd 10.4 Freebsd Freebsd

1 Github repository

In FreeBSD prior to 11.2-STABLE(r338986), 11.2-RELEASE-p4, 11.1-RELEASE-p15, 10.4-STABLE(r338985), and 10.4-RELEASE-p13, due to improper maintenance of IPv6 protocol control block flags through various failure paths, an unprivileged authenticated local user may be able to cause a...

Freebsd Freebsd 11.2 Freebsd Freebsd Freebsd Freebsd 10.4 Freebsd Freebsd 11.1

In FreeBSD prior to 11.2-STABLE(r338983), 11.2-RELEASE-p4, 11.1-RELEASE-p15, 10.4-STABLE(r338984), and 10.4-RELEASE-p13, due to insufficient initialization of memory copied to userland in the getcontext and swapcontext system calls, small amounts of kernel memory may be disclosed...

Freebsd Freebsd 11.2 Freebsd Freebsd 10.4 Freebsd Freebsd 11.1 Freebsd Freebsd

Buffer overflow in the decodearr function in ntpq in ntp 4.2.8p6 up to and including 4.2.8p10 allows remote malicious users to execute arbitrary code by leveraging an ntpq query and sending a response with a crafted array.

Ntp Ntp 4.2.8 Freebsd Freebsd 10.4 Freebsd Freebsd 11.1 Freebsd Freebsd 10.3 Canonical Ubuntu Linux 12.04 Canonical Ubuntu Linux 14.04 Canonical Ubuntu Linux 16.04 Canonical Ubuntu Linux 17.10 Canonical Ubuntu Linux 18.04 Netapp Element Software -

1 Article

In FreeBSD prior to 11.1-STABLE, 11.1-RELEASE-p9, 10.4-STABLE, 10.4-RELEASE-p8 and 10.3-RELEASE-p28, due to insufficient initialization of memory copied to userland, small amounts of kernel memory may be disclosed to userland processes. Unprivileged users may be able to access sm...

Freebsd Freebsd

In FreeBSD prior to 11.1-STABLE, 11.1-RELEASE-p9, 10.4-STABLE, 10.4-RELEASE-p8 and 10.3-RELEASE-p28, insufficient validation of user-provided font parameters can result in an integer overflow, leading to the use of arbitrary kernel memory as glyph data. Unprivileged users may be ...

Freebsd Freebsd

In FreeBSD prior to 11.1-STABLE(r332303), 11.1-RELEASE-p10, 10.4-STABLE(r332321), and 10.4-RELEASE-p9, due to insufficient initialization of memory copied to userland in the Linux subsystem and Atheros wireless driver, small amounts of kernel memory may be disclosed to userland p...

Freebsd Freebsd

In FreeBSD prior to 11.1-STABLE, 11.1-RELEASE-p9, 10.4-STABLE, 10.4-RELEASE-p8 and 10.3-RELEASE-p28, the length field of the ipsec option header does not count the size of the option header itself, causing an infinite loop when the length is zero. This issue can allow a remote at...

Freebsd Freebsd

In FreeBSD prior to 11.1-STABLE, 11.1-RELEASE-p4, 11.0-RELEASE-p15, 10.4-STABLE, 10.4-RELEASE-p3, and 10.3-RELEASE-p24, the kernel does not properly clear the memory of the kld_file_stat structure before filling the data. Since the structure filled by the kernel is allocated on t...

Freebsd Freebsd -

1 2 NEXT »

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook