CVE-2018-17156
- EPSS 0.38%
- Published 28.11.2018 16:29:00
- Last modified 21.11.2024 03:53:58
In FreeBSD before 11.2-STABLE(r340268) and 11.2-RELEASE-p5, due to incorrectly accounting for padding on 64-bit platforms, a buffer underwrite could occur when constructing an ICMP reply packet when using a non-standard value for the net.inet.icmp.qu...
CVE-2018-6925
- EPSS 0.04%
- Published 28.09.2018 13:29:01
- Last modified 21.11.2024 04:11:26
In FreeBSD before 11.2-STABLE(r338986), 11.2-RELEASE-p4, 11.1-RELEASE-p15, 10.4-STABLE(r338985), and 10.4-RELEASE-p13, due to improper maintenance of IPv6 protocol control block flags through various failure paths, an unprivileged authenticated local...
CVE-2018-17154
- EPSS 0.04%
- Published 28.09.2018 13:29:00
- Last modified 21.11.2024 03:53:58
In FreeBSD before 11.2-STABLE(r338987), 11.2-RELEASE-p4, and 11.1-RELEASE-p15, due to insufficient memory checking in the freebsd4_getfsstat system call, a NULL pointer dereference can occur. Unprivileged authenticated local users may be able to caus...
CVE-2018-17155
- EPSS 0.05%
- Published 28.09.2018 13:29:00
- Last modified 21.11.2024 03:53:58
In FreeBSD before 11.2-STABLE(r338983), 11.2-RELEASE-p4, 11.1-RELEASE-p15, 10.4-STABLE(r338984), and 10.4-RELEASE-p13, due to insufficient initialization of memory copied to userland in the getcontext and swapcontext system calls, small amounts of ke...
CVE-2018-6924
- EPSS 0.06%
- Published 12.09.2018 14:29:01
- Last modified 21.11.2024 04:11:26
In FreeBSD before 11.1-STABLE, 11.2-RELEASE-p3, 11.1-RELEASE-p14, 10.4-STABLE, and 10.4-RELEASE-p12, insufficient validation in the ELF header parser could allow a malicious ELF binary to cause a kernel crash or disclose kernel memory.
CVE-2017-1082
- EPSS 0.42%
- Published 12.09.2018 14:29:00
- Last modified 21.11.2024 03:21:18
In FreeBSD 11.x before 11.1-RELEASE and 10.x before 10.4-RELEASE, the qsort algorithm has a deterministic recursion pattern. Feeding a pathological input to the algorithm can lead to excessive stack usage and potential overflow. Applications that use...
CVE-2017-1083
- EPSS 0.39%
- Published 12.09.2018 14:29:00
- Last modified 21.11.2024 03:21:18
In FreeBSD before 11.2-RELEASE, a stack guard-page is available but is disabled by default. This results in the possibility that a poorly written process could cause a stack overflow.
CVE-2017-1084
- EPSS 27.57%
- Published 12.09.2018 14:29:00
- Last modified 21.11.2024 03:21:18
In FreeBSD before 11.2-RELEASE, multiple issues with the implementation of the stack guard-page reduce the protections afforded by the guard-page. This results in the possibility that a poorly written process could cause a stack overflow.
CVE-2017-1085
- EPSS 0.67%
- Published 12.09.2018 14:29:00
- Last modified 21.11.2024 03:21:18
In FreeBSD before 11.2-RELEASE, an application which calls setrlimit() to increase RLIMIT_STACK may turn a read-only memory region below the stack into a read-write region. A specially crafted executable could be exploited to execute arbitrary code i...
CVE-2018-6923
- EPSS 2.16%
- Published 04.09.2018 18:29:00
- Last modified 21.11.2024 04:11:25
In FreeBSD before 11.1-STABLE, 11.2-RELEASE-p2, 11.1-RELEASE-p13, IP fragment reassembly code is vulnerable to a denial of service due to excessive system resource consumption. This issue can allow a remote attacker who is able to send an arbitrary i...